National Vulnerability Database (NVD) National Vulnerability Database (CVE-2010-0841)

National Cyber Awareness System

Vulnerability Summary for CVE-2010-0841

Original release date:04/01/2010

Last revised:10/23/2012

Source: US-CERT/NIST

Overview

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX".

Description

Per: http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html 'Affected product releases and versions: • Java SE: • JDK and JRE 6 Update 18 and earlier for Windows, Solaris, and Linux • JDK 5.0 Update 23 and earlier for Solaris • SDK 1.4.2_25 and earlier for Solaris • Java for Business: • JDK and JRE 6 Update 18 and earlier for Windows, Solaris and Linux • JDK and JRE 5.0 Update 23 and earlier for Windows, Solaris and Linux • SDK and JRE 1.4.2_25 and earlier for Windows, Solaris and Linux'

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: MISC

Name: http://www.zerodayinitiative.com/advisories/ZDI-10-054/

Hyperlink:http://www.zerodayinitiative.com/advisories/ZDI-10-054/

External Source: VUPEN

Name: ADV-2010-1793

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2010/1793

External Source: VUPEN

Name: ADV-2010-1523

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2010/1523

External Source: VUPEN

Name: ADV-2010-1454

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2010/1454

External Source: VUPEN

Name: ADV-2010-1191

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2010/1191

External Source: CONFIRM

Name: http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

Hyperlink:http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

External Source: CONFIRM

Name: http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Hyperlink:http://www.vmware.com/security/advisories/VMSA-2011-0003.html

External Source: BID

Name: 39067

Hyperlink:http://www.securityfocus.com/bid/39067

External Source: BUGTRAQ

Name: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded

External Source: BUGTRAQ

Name: 20100405 ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/510531/100/0/threaded

External Source: REDHAT

Name: RHSA-2010:0489

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0489.html

External Source: REDHAT

Name: RHSA-2010:0471

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0471.html

External Source: REDHAT

Name: RHSA-2010:0383

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0383.html

External Source: REDHAT

Name: RHSA-2010:0338

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0338.html

External Source: REDHAT

Name: RHSA-2010:0337

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0337.html

External Source: CONFIRM

Name: http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html

Hyperlink:http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html

External Source: CONFIRM

Name: http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

Hyperlink:http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

External Source: CONFIRM

Name: http://support.apple.com/kb/HT4171

Hyperlink:http://support.apple.com/kb/HT4171

External Source: CONFIRM

Name: http://support.apple.com/kb/HT4170

Hyperlink:http://support.apple.com/kb/HT4170

External Source: SECUNIA

Name: 43308

Type: Advisory

Hyperlink:http://secunia.com/advisories/43308

External Source: SECUNIA

Name: 40545

Type: Advisory

Hyperlink:http://secunia.com/advisories/40545

External Source: SECUNIA

Name: 40211

Type: Advisory

Hyperlink:http://secunia.com/advisories/40211

External Source: SECUNIA

Name: 39819

Type: Advisory

Hyperlink:http://secunia.com/advisories/39819

External Source: SECUNIA

Name: 39659

Type: Advisory

Hyperlink:http://secunia.com/advisories/39659

External Source: SECUNIA

Name: 39317

Type: Advisory

Hyperlink:http://secunia.com/advisories/39317

External Source: OVAL

Name: oval:org.mitre.oval:def:14144

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14144

External Source: SUSE

Name: SUSE-SR:2010:017

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

External Source: SUSE

Name: SUSE-SR:2010:008

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

External Source: APPLE

Name: APPLE-SA-2010-05-18-2

Hyperlink:http://lists.apple.com/archives/security-announce/2010//May/msg00002.html

External Source: APPLE

Name: APPLE-SA-2010-05-18-1

Hyperlink:http://lists.apple.com/archives/security-announce/2010//May/msg00001.html

External Source: HP

Name: SSRT100179

Hyperlink:http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

External Source: HP

Name: SSRT100179

Hyperlink:http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

References to Check Content

Identifier:oval:org.mitre.oval:def:14144

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14144

Vulnerable software and versions

Configuration 1

* cpe:/a:sun:jre:1.6.0:update_18 and previous versions

* cpe:/a:sun:jre:1.6.0:update_17

* cpe:/a:sun:jre:1.6.0:update_16

* cpe:/a:sun:jre:1.6.0:update_15

* cpe:/a:sun:jre:1.6.0:update_14

* cpe:/a:sun:jre:1.6.0:update_13

* cpe:/a:sun:jre:1.6.0:update_12

* cpe:/a:sun:jre:1.6.0:update_11

* cpe:/a:sun:jre:1.6.0:update_10

* cpe:/a:sun:jre:1.6.0:update_7

* cpe:/a:sun:jre:1.6.0:update_6

* cpe:/a:sun:jre:1.6.0:update_5

* cpe:/a:sun:jre:1.6.0:update_4

* cpe:/a:sun:jre:1.6.0:update_3

* cpe:/a:sun:jre:1.6.0:update_2

* cpe:/a:sun:jre:1.6.0:update_1

* cpe:/a:sun:jre:1.6.0

Configuration 2

* cpe:/a:sun:jdk:1.6.0

* cpe:/a:sun:jdk:1.6.0:update_17

* cpe:/a:sun:jdk:1.6.0:update_16

* cpe:/a:sun:jdk:1.6.0:update_15

* cpe:/a:sun:jdk:1.6.0:update_14

* cpe:/a:sun:jdk:1.6.0:update_13

* cpe:/a:sun:jdk:1.6.0:update_12

* cpe:/a:sun:jdk:1.6.0:update_11

* cpe:/a:sun:jdk:1.6.0:update_10

* cpe:/a:sun:jdk:1.6.0:update_7

* cpe:/a:sun:jdk:1.6.0:update_6

* cpe:/a:sun:jdk:1.6.0:update_5

* cpe:/a:sun:jdk:1.6.0:update_4

* cpe:/a:sun:jdk:1.6.0:update_3

* cpe:/a:sun:jdk:1.6.0:update2

* cpe:/a:sun:jdk:1.6.0:update1

* cpe:/a:sun:jdk:1.6.0:update1_b06

* cpe:/a:sun:jdk:1.6.0:update_18 and previous versions

Configuration 3

* cpe:/a:sun:jdk:1.5.0

* cpe:/a:sun:jdk:1.5.0:update1

* cpe:/a:sun:jdk:1.5.0:update2

* cpe:/a:sun:jdk:1.5.0:update3

* cpe:/a:sun:jdk:1.5.0:update4

* cpe:/a:sun:jdk:1.5.0:update5

* cpe:/a:sun:jdk:1.5.0:update6

* cpe:/a:sun:jdk:1.5.0:update7

* cpe:/a:sun:jdk:1.5.0:update8

* cpe:/a:sun:jdk:1.5.0:update9

* cpe:/a:sun:jdk:1.5.0:update10

* cpe:/a:sun:jdk:1.5.0:update11

* cpe:/a:sun:jdk:1.5.0:update12

* cpe:/a:sun:jdk:1.5.0:update13

* cpe:/a:sun:jdk:1.5.0:update14

* cpe:/a:sun:jdk:1.5.0:update15

* cpe:/a:sun:jdk:1.5.0:update16

* cpe:/a:sun:jdk:1.5.0:update17

* cpe:/a:sun:jdk:1.5.0:update18

* cpe:/a:sun:jdk:1.5.0:update19

* cpe:/a:sun:jdk:1.5.0:update20

* cpe:/a:sun:jdk:1.5.0:update21

* cpe:/a:sun:jdk:1.5.0:update23 and previous versions

Configuration 4

* cpe:/a:sun:sdk:1.4.2

* cpe:/a:sun:sdk:1.4.2_02

* cpe:/a:sun:sdk:1.4.2_1

* cpe:/a:sun:sdk:1.4.2_10

* cpe:/a:sun:sdk:1.4.2_11

* cpe:/a:sun:sdk:1.4.2_12

* cpe:/a:sun:sdk:1.4.2_13

* cpe:/a:sun:sdk:1.4.2_14

* cpe:/a:sun:sdk:1.4.2_15

* cpe:/a:sun:sdk:1.4.2_16

* cpe:/a:sun:sdk:1.4.2_17

* cpe:/a:sun:sdk:1.4.2_18

* cpe:/a:sun:sdk:1.4.2_19

* cpe:/a:sun:sdk:1.4.2_3

* cpe:/a:sun:sdk:1.4.2_4

* cpe:/a:sun:sdk:1.4.2_5

* cpe:/a:sun:sdk:1.4.2_6

* cpe:/a:sun:sdk:1.4.2_7

* cpe:/a:sun:sdk:1.4.2_8

* cpe:/a:sun:sdk:1.4.2_9

* cpe:/a:sun:sdk:1.4.2_20

* cpe:/a:sun:sdk:1.4.2_21

* cpe:/a:sun:sdk:1.4.2_22

* cpe:/a:sun:sdk:1.4.2_23

* cpe:/a:sun:sdk:1.4.2_24

* cpe:/a:sun:sdk:1.4.2_25 and previous versions

Configuration 5

* cpe:/a:sun:jre:1.5.0

* cpe:/a:sun:jre:1.5.0:update1

* cpe:/a:sun:jre:1.5.0:update2

* cpe:/a:sun:jre:1.5.0:update3

* cpe:/a:sun:jre:1.5.0:update4

* cpe:/a:sun:jre:1.5.0:update5

* cpe:/a:sun:jre:1.5.0:update6

* cpe:/a:sun:jre:1.5.0:update7

* cpe:/a:sun:jre:1.5.0:update8

* cpe:/a:sun:jre:1.5.0:update9

* cpe:/a:sun:jre:1.5.0:update10

* cpe:/a:sun:jre:1.5.0:update11

* cpe:/a:sun:jre:1.5.0:update12

* cpe:/a:sun:jre:1.5.0:update13

* cpe:/a:sun:jre:1.5.0:update14

* cpe:/a:sun:jre:1.5.0:update15

* cpe:/a:sun:jre:1.5.0:update16

* cpe:/a:sun:jre:1.5.0:update17

* cpe:/a:sun:jre:1.5.0:update18

* cpe:/a:sun:jre:1.5.0:update19

* cpe:/a:sun:jre:1.5.0:update20

* cpe:/a:sun:jre:1.5.0:update21

* cpe:/a:sun:jre:1.5.0:update23 and previous versions

Configuration 6

* cpe:/a:sun:jre:1.4.2

* cpe:/a:sun:jre:1.4.2:update1

* cpe:/a:sun:jre:1.4.2:update2

* cpe:/a:sun:jre:1.4.2:update3

* cpe:/a:sun:jre:1.4.2:update4

* cpe:/a:sun:jre:1.4.2:update5

* cpe:/a:sun:jre:1.4.2:update6

* cpe:/a:sun:jre:1.4.2:update7

* cpe:/a:sun:jre:1.4.2:update8

* cpe:/a:sun:jre:1.4.2:update9

* cpe:/a:sun:jre:1.4.2_1

* cpe:/a:sun:jre:1.4.2_10

* cpe:/a:sun:jre:1.4.2_11

* cpe:/a:sun:jre:1.4.2_12

* cpe:/a:sun:jre:1.4.2_13

* cpe:/a:sun:jre:1.4.2_14

* cpe:/a:sun:jre:1.4.2_15

* cpe:/a:sun:jre:1.4.2_16

* cpe:/a:sun:jre:1.4.2_17

* cpe:/a:sun:jre:1.4.2_18

* cpe:/a:sun:jre:1.4.2_19

* cpe:/a:sun:jre:1.4.2_20

* cpe:/a:sun:jre:1.4.2_21

* cpe:/a:sun:jre:1.4.2_22

* cpe:/a:sun:jre:1.4.2_23

* cpe:/a:sun:jre:1.4.2_24

* cpe:/a:sun:jre:1.4.2_25 and previous versions

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Insufficient Information (NVD-CWE-noinfo)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841