NVD

Id
15195  
Name
CVE-2010-3860  
Description
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2010-12-08  
Modified Date
2014-10-04  
Seq
2010-3860  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
85501 15195 CVE-2010-3860 http://blog.fuseyism.com/index.php/2010/11/24/icedtea6-176-183-and-192-released/  View
85502 15195 CVE-2010-3860 http://icedtea.classpath.org/hg/release/icedtea6-1.9/rev/9aa0018d8c28  View
85503 15195 CVE-2010-3860 FEDORA-2010-18393  View
85504 15195 CVE-2010-3860 SUSE-SR:2010:023  View
85505 15195 CVE-2010-3860 GLSA-201406-32  View
85506 15195 CVE-2010-3860 RHSA-2011:0176  View
85507 15195 CVE-2010-3860 45114  View
85508 15195 CVE-2010-3860 USN-1024-1  View
85509 15195 CVE-2010-3860 ADV-2010-3090  View
85510 15195 CVE-2010-3860 ADV-2010-3108  View
85511 15195 CVE-2010-3860 ADV-2011-0215  View
85512 15195 CVE-2010-3860 https://bugzilla.redhat.com/show_bug.cgi?id=645843  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
36978 JVNDB-2010-002758 IcedTea における重要な情報を取得される脆弱性 IcedTea は、(1) user.name、(2) user.home および (3) java.home システムプロパティを含んだ重要な情報、あるいはインストールディレクトリのようなその他の重要な情報を取得される脆弱性が存在します。 CVE-2010-3860 46440 CVE-2010-3860 15195 5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002758.html 2010-12-08 2011-02-21 View