CVE-2010-4471

Oracle Java SE/Jav for Bus <6.23 & <5.0.27 - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text.

References (18)

Core 18

Core References

Various Sources x_refsource_confirm

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html

Patch, Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201406-32.xml

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/65405

Patch, Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/44954

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12089

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-0880.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43350

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-0282.html

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2011/dsa-2224

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14417

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=134254957702612&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/46399

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2011:054

Scores

EPSS 0.0279

EPSS Percentile 86.3%

Details

Status published

Products (3)

sun/jdk 1.6.0 (22 CPE variants)

sun/jdk 1.5.0 (27 CPE variants)

sun/jdk < 1.5.0

Published Feb 17, 2011

Tracked Since Feb 18, 2026