CVE

Id
43430  
CVE No.
CVE-2010-0846  
Status
Candidate  
Description
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an "invalid assignment" and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl).  
Phase
Assigned (20100303)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
473489 43430 CVE-2010-0846 BUGTRAQ:20100405 ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability  View
473490 43430 CVE-2010-0846 URL:http://www.securityfocus.com/archive/1/archive/1/510541/100/0/threaded  View
473491 43430 CVE-2010-0846 BUGTRAQ:20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX  View
473492 43430 CVE-2010-0846 URL:http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded  View
473493 43430 CVE-2010-0846 MISC:http://www.zerodayinitiative.com/advisories/ZDI-10-059  View
473494 43430 CVE-2010-0846 CONFIRM:http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html  View
473495 43430 CVE-2010-0846 CONFIRM:http://support.apple.com/kb/HT4170  View
473496 43430 CVE-2010-0846 CONFIRM:http://support.apple.com/kb/HT4171  View
473497 43430 CVE-2010-0846 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html  View
473498 43430 CVE-2010-0846 CONFIRM:http://www.vmware.com/security/advisories/VMSA-2011-0003.html  View
473499 43430 CVE-2010-0846 CONFIRM:http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html  View
473500 43430 CVE-2010-0846 APPLE:APPLE-SA-2010-05-18-1  View
473501 43430 CVE-2010-0846 URL:http://lists.apple.com/archives/security-announce/2010//May/msg00001.html  View
473502 43430 CVE-2010-0846 APPLE:APPLE-SA-2010-05-18-2  View
473503 43430 CVE-2010-0846 URL:http://lists.apple.com/archives/security-announce/2010//May/msg00002.html  View
473504 43430 CVE-2010-0846 HP:HPSBMA02547  View
473505 43430 CVE-2010-0846 URL:http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751  View
473506 43430 CVE-2010-0846 HP:SSRT100179  View
473507 43430 CVE-2010-0846 URL:http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751  View
473508 43430 CVE-2010-0846 HP:HPSBMU02799  View
473509 43430 CVE-2010-0846 URL:http://marc.info/?l=bugtraq&m=134254866602253&w=2  View
473510 43430 CVE-2010-0846 HP:HPSBUX02524  View
473511 43430 CVE-2010-0846 URL:http://marc.info/?l=bugtraq&m=127557596201693&w=2  View
473512 43430 CVE-2010-0846 HP:SSRT100089  View
473513 43430 CVE-2010-0846 URL:http://marc.info/?l=bugtraq&m=127557596201693&w=2  View
473514 43430 CVE-2010-0846 REDHAT:RHSA-2010:0337  View
473515 43430 CVE-2010-0846 URL:http://www.redhat.com/support/errata/RHSA-2010-0337.html  View
473516 43430 CVE-2010-0846 REDHAT:RHSA-2010:0338  View
473517 43430 CVE-2010-0846 URL:http://www.redhat.com/support/errata/RHSA-2010-0338.html  View
473518 43430 CVE-2010-0846 REDHAT:RHSA-2010:0383  View
473519 43430 CVE-2010-0846 URL:http://www.redhat.com/support/errata/RHSA-2010-0383.html  View
473520 43430 CVE-2010-0846 REDHAT:RHSA-2010:0471  View
473521 43430 CVE-2010-0846 URL:http://www.redhat.com/support/errata/RHSA-2010-0471.html  View
473522 43430 CVE-2010-0846 REDHAT:RHSA-2010:0489  View
473523 43430 CVE-2010-0846 URL:http://www.redhat.com/support/errata/RHSA-2010-0489.html  View
473524 43430 CVE-2010-0846 SUSE:SUSE-SR:2010:008  View
473525 43430 CVE-2010-0846 URL:http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html  View
473526 43430 CVE-2010-0846 SUSE:SUSE-SR:2010:017  View
473527 43430 CVE-2010-0846 URL:http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html  View
473528 43430 CVE-2010-0846 BID:39062  View
473529 43430 CVE-2010-0846 URL:http://www.securityfocus.com/bid/39062  View
473530 43430 CVE-2010-0846 OVAL:oval:org.mitre.oval:def:14503  View
473531 43430 CVE-2010-0846 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14503  View
473532 43430 CVE-2010-0846 SECUNIA:39317  View
473533 43430 CVE-2010-0846 URL:http://secunia.com/advisories/39317  View
473534 43430 CVE-2010-0846 SECUNIA:39659  View
473535 43430 CVE-2010-0846 URL:http://secunia.com/advisories/39659  View
473536 43430 CVE-2010-0846 SECUNIA:39819  View
473537 43430 CVE-2010-0846 URL:http://secunia.com/advisories/39819  View
473538 43430 CVE-2010-0846 SECUNIA:40211  View
473539 43430 CVE-2010-0846 URL:http://secunia.com/advisories/40211  View
473540 43430 CVE-2010-0846 SECUNIA:40545  View
473541 43430 CVE-2010-0846 URL:http://secunia.com/advisories/40545  View
473542 43430 CVE-2010-0846 SECUNIA:43308  View
473543 43430 CVE-2010-0846 URL:http://secunia.com/advisories/43308  View
473544 43430 CVE-2010-0846 VUPEN:ADV-2010-1191  View
473545 43430 CVE-2010-0846 URL:http://www.vupen.com/english/advisories/2010/1191  View
473546 43430 CVE-2010-0846 VUPEN:ADV-2010-1454  View
473547 43430 CVE-2010-0846 URL:http://www.vupen.com/english/advisories/2010/1454  View
473548 43430 CVE-2010-0846 VUPEN:ADV-2010-1523  View
473549 43430 CVE-2010-0846 URL:http://www.vupen.com/english/advisories/2010/1523  View
473550 43430 CVE-2010-0846 VUPEN:ADV-2010-1793  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
35540 JVNDB-2010-001320 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性 複数の Oracle 製品の Java 2D コンポーネントには、機密性、完全性、可用性に影響のある脆弱性が存在します。 CVE-2010-0850 43430 7.5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001320.html  View