National Cyber Awareness System

Vulnerability Summary for CVE-2010-4470

Overview

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to "Features set on SchemaFactory not inherited by Validator."

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: CONFIRM

Name: http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

Type: Advisory; Patch Information

Hyperlink:http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

External Source: CONFIRM

Name: http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Type: Advisory; Patch Information

Hyperlink:http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

External Source: XF

Name: oracle-runtime-dos(65404)

Hyperlink:http://xforce.iss.net/xforce/xfdb/65404

External Source: BID

Name: 46387

Hyperlink:http://www.securityfocus.com/bid/46387

External Source: REDHAT

Name: RHSA-2011:0282

Type: Advisory

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-0282.html

External Source: REDHAT

Name: RHSA-2011:0281

Type: Advisory

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-0281.html

External Source: MANDRIVA

Name: MDVSA-2011:054

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2011:054

External Source: DEBIAN

Name: DSA-2224

Hyperlink:http://www.debian.org/security/2011/dsa-2224

External Source: SECUNIA

Name: 43350

Type: Advisory

Hyperlink:http://secunia.com/advisories/43350

External Source: OVAL

Name: oval:org.mitre.oval:def:14076

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14076

External Source: OVAL

Name: oval:org.mitre.oval:def:12887

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12887

External Source: FEDORA

Name: FEDORA-2011-1645

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html

External Source: FEDORA

Name: FEDORA-2011-1631

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html

References to Check Content

Identifier:oval:org.mitre.oval:def:14076

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14076

Identifier:oval:org.mitre.oval:def:12887

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12887