CVE

Id
43433  
CVE No.
CVE-2010-0849  
Status
Candidate  
Description
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image.  
Phase
Assigned (20100303)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
473691 43433 CVE-2010-0849 BUGTRAQ:20100405 ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability  View
473692 43433 CVE-2010-0849 URL:http://www.securityfocus.com/archive/1/archive/1/510548/100/0/threaded  View
473693 43433 CVE-2010-0849 BUGTRAQ:20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX  View
473694 43433 CVE-2010-0849 URL:http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded  View
473695 43433 CVE-2010-0849 MISC:http://www.zerodayinitiative.com/advisories/ZDI-10-057/  View
473696 43433 CVE-2010-0849 CONFIRM:http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html  View
473697 43433 CVE-2010-0849 CONFIRM:http://support.apple.com/kb/HT4170  View
473698 43433 CVE-2010-0849 CONFIRM:http://support.apple.com/kb/HT4171  View
473699 43433 CVE-2010-0849 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html  View
473700 43433 CVE-2010-0849 CONFIRM:http://www.vmware.com/security/advisories/VMSA-2011-0003.html  View
473701 43433 CVE-2010-0849 CONFIRM:http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html  View
473702 43433 CVE-2010-0849 APPLE:APPLE-SA-2010-05-18-1  View
473703 43433 CVE-2010-0849 URL:http://lists.apple.com/archives/security-announce/2010//May/msg00001.html  View
473704 43433 CVE-2010-0849 APPLE:APPLE-SA-2010-05-18-2  View
473705 43433 CVE-2010-0849 URL:http://lists.apple.com/archives/security-announce/2010//May/msg00002.html  View
473706 43433 CVE-2010-0849 HP:HPSBMA02547  View
473707 43433 CVE-2010-0849 URL:http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751  View
473708 43433 CVE-2010-0849 HP:SSRT100179  View
473709 43433 CVE-2010-0849 URL:http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751  View
473710 43433 CVE-2010-0849 HP:HPSBMU02799  View
473711 43433 CVE-2010-0849 URL:http://marc.info/?l=bugtraq&m=134254866602253&w=2  View
473712 43433 CVE-2010-0849 HP:HPSBUX02524  View
473713 43433 CVE-2010-0849 URL:http://marc.info/?l=bugtraq&m=127557596201693&w=2  View
473714 43433 CVE-2010-0849 HP:SSRT100089  View
473715 43433 CVE-2010-0849 URL:http://marc.info/?l=bugtraq&m=127557596201693&w=2  View
473716 43433 CVE-2010-0849 REDHAT:RHSA-2010:0337  View
473717 43433 CVE-2010-0849 URL:http://www.redhat.com/support/errata/RHSA-2010-0337.html  View
473718 43433 CVE-2010-0849 REDHAT:RHSA-2010:0338  View
473719 43433 CVE-2010-0849 URL:http://www.redhat.com/support/errata/RHSA-2010-0338.html  View
473720 43433 CVE-2010-0849 REDHAT:RHSA-2010:0383  View
473721 43433 CVE-2010-0849 URL:http://www.redhat.com/support/errata/RHSA-2010-0383.html  View
473722 43433 CVE-2010-0849 REDHAT:RHSA-2010:0471  View
473723 43433 CVE-2010-0849 URL:http://www.redhat.com/support/errata/RHSA-2010-0471.html  View
473724 43433 CVE-2010-0849 REDHAT:RHSA-2010:0489  View
473725 43433 CVE-2010-0849 URL:http://www.redhat.com/support/errata/RHSA-2010-0489.html  View
473726 43433 CVE-2010-0849 SUSE:SUSE-SR:2010:008  View
473727 43433 CVE-2010-0849 URL:http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html  View
473728 43433 CVE-2010-0849 SUSE:SUSE-SR:2010:017  View
473729 43433 CVE-2010-0849 URL:http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html  View
473730 43433 CVE-2010-0849 BID:39073  View
473731 43433 CVE-2010-0849 URL:http://www.securityfocus.com/bid/39073  View
473732 43433 CVE-2010-0849 OVAL:oval:org.mitre.oval:def:13795  View
473733 43433 CVE-2010-0849 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13795  View
473734 43433 CVE-2010-0849 SECUNIA:39317  View
473735 43433 CVE-2010-0849 URL:http://secunia.com/advisories/39317  View
473736 43433 CVE-2010-0849 SECUNIA:39659  View
473737 43433 CVE-2010-0849 URL:http://secunia.com/advisories/39659  View
473738 43433 CVE-2010-0849 SECUNIA:39819  View
473739 43433 CVE-2010-0849 URL:http://secunia.com/advisories/39819  View
473740 43433 CVE-2010-0849 SECUNIA:40211  View
473741 43433 CVE-2010-0849 URL:http://secunia.com/advisories/40211  View
473742 43433 CVE-2010-0849 SECUNIA:40545  View
473743 43433 CVE-2010-0849 URL:http://secunia.com/advisories/40545  View
473744 43433 CVE-2010-0849 SECUNIA:43308  View
473745 43433 CVE-2010-0849 URL:http://secunia.com/advisories/43308  View
473746 43433 CVE-2010-0849 VUPEN:ADV-2010-1191  View
473747 43433 CVE-2010-0849 URL:http://www.vupen.com/english/advisories/2010/1191  View
473748 43433 CVE-2010-0849 VUPEN:ADV-2010-1454  View
473749 43433 CVE-2010-0849 URL:http://www.vupen.com/english/advisories/2010/1454  View
473750 43433 CVE-2010-0849 VUPEN:ADV-2010-1523  View
473751 43433 CVE-2010-0849 URL:http://www.vupen.com/english/advisories/2010/1523  View
473752 43433 CVE-2010-0849 VUPEN:ADV-2010-1793  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
35616 JVNDB-2010-001396 複数の Oracle 製品の Oracle Internet Directory コンポーネントにおける脆弱性 複数の Oracle 製品の Oracle Internet Directory コンポーネントには、機密性、完全性、可用性に影響のある脆弱性が存在します。 CVE-2010-0853 43433 7.5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001396.html  View