CVE-2010-0840 (GCVE-0-2010-0840)
Vulnerability from cvelistv5 – Published: 2010-04-01 16:00 – Updated: 2025-10-22 00:05
VLAI?
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2010-05-18-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510528/100/0/threaded"
},
{
"name": "39317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39317"
},
{
"name": "RHSA-2010:0383",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
},
{
"name": "40545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40545"
},
{
"name": "ADV-2010-1454",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1454"
},
{
"name": "oval:org.mitre.oval:def:13971",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971"
},
{
"name": "39819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39819"
},
{
"name": "ADV-2010-1107",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"name": "RHSA-2010:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
},
{
"name": "ADV-2010-1793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name": "APPLE-SA-2010-05-18-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
},
{
"name": "SUSE-SR:2010:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"name": "43308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43308"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "SSRT100179",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name": "SSRT100089",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
},
{
"name": "RHSA-2010:0339",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
},
{
"name": "HPSBUX02524",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"name": "39292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39292"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4170"
},
{
"name": "ADV-2010-1523",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1523"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name": "39065",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39065"
},
{
"name": "SUSE-SR:2010:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name": "39659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39659"
},
{
"name": "RHSA-2010:0471",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
},
{
"name": "SUSE-SR:2010:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "USN-923-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-923-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "RHSA-2010:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
},
{
"name": "RHSA-2010:0489",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
},
{
"name": "HPSBMA02547",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-056"
},
{
"name": "40211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40211"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4171"
},
{
"name": "oval:org.mitre.oval:def:9974",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974"
},
{
"name": "MDVSA-2010:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "ADV-2010-1191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1191"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2010-0840",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T18:55:12.239252Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-05-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0840"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:52.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0840"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-05-25T00:00:00.000Z",
"value": "CVE-2010-0840 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \"a similar trust issue with interfaces,\" aka \"Trusted Methods Chaining Remote Code Execution Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "APPLE-SA-2010-05-18-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510528/100/0/threaded"
},
{
"name": "39317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39317"
},
{
"name": "RHSA-2010:0383",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
},
{
"name": "40545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40545"
},
{
"name": "ADV-2010-1454",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1454"
},
{
"name": "oval:org.mitre.oval:def:13971",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971"
},
{
"name": "39819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39819"
},
{
"name": "ADV-2010-1107",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"name": "RHSA-2010:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
},
{
"name": "ADV-2010-1793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name": "APPLE-SA-2010-05-18-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
},
{
"name": "SUSE-SR:2010:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"name": "43308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43308"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "SSRT100179",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name": "SSRT100089",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
},
{
"name": "RHSA-2010:0339",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
},
{
"name": "HPSBUX02524",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"name": "39292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39292"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4170"
},
{
"name": "ADV-2010-1523",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1523"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name": "39065",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39065"
},
{
"name": "SUSE-SR:2010:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name": "39659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39659"
},
{
"name": "RHSA-2010:0471",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
},
{
"name": "SUSE-SR:2010:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "USN-923-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-923-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "RHSA-2010:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
},
{
"name": "RHSA-2010:0489",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
},
{
"name": "HPSBMA02547",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-056"
},
{
"name": "40211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40211"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4171"
},
{
"name": "oval:org.mitre.oval:def:9974",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974"
},
{
"name": "MDVSA-2010:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "ADV-2010-1191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1191"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-0840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \"a similar trust issue with interfaces,\" aka \"Trusted Methods Chaining Remote Code Execution Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2010-05-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510528/100/0/threaded"
},
{
"name": "39317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39317"
},
{
"name": "RHSA-2010:0383",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
},
{
"name": "40545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40545"
},
{
"name": "ADV-2010-1454",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1454"
},
{
"name": "oval:org.mitre.oval:def:13971",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971"
},
{
"name": "39819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39819"
},
{
"name": "ADV-2010-1107",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"name": "RHSA-2010:0338",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
},
{
"name": "ADV-2010-1793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name": "APPLE-SA-2010-05-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
},
{
"name": "SUSE-SR:2010:011",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"name": "43308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43308"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "SSRT100179",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name": "SSRT100089",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
},
{
"name": "RHSA-2010:0339",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
},
{
"name": "HPSBUX02524",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"name": "39292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39292"
},
{
"name": "http://support.apple.com/kb/HT4170",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4170"
},
{
"name": "ADV-2010-1523",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1523"
},
{
"name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name": "39065",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39065"
},
{
"name": "SUSE-SR:2010:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name": "39659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39659"
},
{
"name": "RHSA-2010:0471",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
},
{
"name": "SUSE-SR:2010:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "USN-923-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-923-1"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "RHSA-2010:0337",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
},
{
"name": "RHSA-2010:0489",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
},
{
"name": "HPSBMA02547",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-056",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-056"
},
{
"name": "40211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40211"
},
{
"name": "http://support.apple.com/kb/HT4171",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4171"
},
{
"name": "oval:org.mitre.oval:def:9974",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974"
},
{
"name": "MDVSA-2010:084",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "ADV-2010-1191",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1191"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2010-0840",
"datePublished": "2010-04-01T16:00:00.000Z",
"dateReserved": "2010-03-03T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:52.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2010-0840",
"dateAdded": "2022-05-25",
"dueDate": "2022-06-15",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840",
"product": "Java Runtime Environment (JRE)",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.",
"vendorProject": "Oracle",
"vulnerabilityName": "Oracle JRE Unspecified Vulnerability"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\", \"name\": \"APPLE-SA-2010-05-18-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/510528/100/0/threaded\", \"name\": \"20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39317\", \"name\": \"39317\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0383.html\", \"name\": \"RHSA-2010:0383\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/40545\", \"name\": \"40545\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1454\", \"name\": \"ADV-2010-1454\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971\", \"name\": \"oval:org.mitre.oval:def:13971\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39819\", \"name\": \"39819\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1107\", \"name\": \"ADV-2010-1107\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0338.html\", \"name\": \"RHSA-2010:0338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1793\", \"name\": \"ADV-2010-1793\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\", \"name\": \"APPLE-SA-2010-05-18-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\", \"name\": \"SUSE-SR:2010:011\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/43308\", \"name\": \"43308\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"SSRT100179\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"SSRT100089\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0339.html\", \"name\": \"RHSA-2010:0339\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"HPSBUX02524\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39292\", \"name\": \"39292\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://support.apple.com/kb/HT4170\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1523\", \"name\": \"ADV-2010-1523\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/39065\", \"name\": \"39065\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"name\": \"SUSE-SR:2010:008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39659\", \"name\": \"39659\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0471.html\", \"name\": \"RHSA-2010:0471\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html\", \"name\": \"SUSE-SR:2010:017\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://ubuntu.com/usn/usn-923-1\", \"name\": \"USN-923-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0337.html\", \"name\": \"RHSA-2010:0337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0489.html\", \"name\": \"RHSA-2010:0489\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"HPSBMA02547\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-10-056\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/40211\", \"name\": \"40211\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://support.apple.com/kb/HT4171\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974\", \"name\": \"oval:org.mitre.oval:def:9974\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\", \"name\": \"MDVSA-2010:084\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"name\": \"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1191\", \"name\": \"ADV-2010-1191\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T00:59:39.358Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2010-0840\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T18:55:12.239252Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-05-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0840\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-05-25T00:00:00.000Z\", \"value\": \"CVE-2010-0840 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0840\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T18:55:02.519Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2010-03-30T00:00:00.000Z\", \"references\": [{\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\", \"name\": \"APPLE-SA-2010-05-18-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/510528/100/0/threaded\", \"name\": \"20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://secunia.com/advisories/39317\", \"name\": \"39317\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0383.html\", \"name\": \"RHSA-2010:0383\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://secunia.com/advisories/40545\", \"name\": \"40545\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1454\", \"name\": \"ADV-2010-1454\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971\", \"name\": \"oval:org.mitre.oval:def:13971\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://secunia.com/advisories/39819\", \"name\": \"39819\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1107\", \"name\": \"ADV-2010-1107\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0338.html\", \"name\": \"RHSA-2010:0338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1793\", \"name\": \"ADV-2010-1793\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\", \"name\": \"APPLE-SA-2010-05-18-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\", \"name\": \"SUSE-SR:2010:011\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/43308\", \"name\": \"43308\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"SSRT100179\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"SSRT100089\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0339.html\", \"name\": \"RHSA-2010:0339\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"HPSBUX02524\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/39292\", \"name\": \"39292\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://support.apple.com/kb/HT4170\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1523\", \"name\": \"ADV-2010-1523\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/39065\", \"name\": \"39065\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"name\": \"SUSE-SR:2010:008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/39659\", \"name\": \"39659\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0471.html\", \"name\": \"RHSA-2010:0471\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html\", \"name\": \"SUSE-SR:2010:017\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://ubuntu.com/usn/usn-923-1\", \"name\": \"USN-923-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0337.html\", \"name\": \"RHSA-2010:0337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0489.html\", \"name\": \"RHSA-2010:0489\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"HPSBMA02547\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-10-056\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/40211\", \"name\": \"40211\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://support.apple.com/kb/HT4171\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974\", \"name\": \"oval:org.mitre.oval:def:9974\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\", \"name\": \"MDVSA-2010:084\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"name\": \"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1191\", \"name\": \"ADV-2010-1191\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \\\"a similar trust issue with interfaces,\\\" aka \\\"Trusted Methods Chaining Remote Code Execution Vulnerability.\\\"\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2018-10-10T18:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\", \"name\": \"APPLE-SA-2010-05-18-1\", \"refsource\": \"APPLE\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"refsource\": \"HP\"}, {\"url\": \"http://www.securityfocus.com/archive/1/510528/100/0/threaded\", \"name\": \"20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://secunia.com/advisories/39317\", \"name\": \"39317\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0383.html\", \"name\": \"RHSA-2010:0383\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://secunia.com/advisories/40545\", \"name\": \"40545\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1454\", \"name\": \"ADV-2010-1454\", \"refsource\": \"VUPEN\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971\", \"name\": \"oval:org.mitre.oval:def:13971\", \"refsource\": \"OVAL\"}, {\"url\": \"http://secunia.com/advisories/39819\", \"name\": \"39819\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1107\", \"name\": \"ADV-2010-1107\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0338.html\", \"name\": \"RHSA-2010:0338\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1793\", \"name\": \"ADV-2010-1793\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\", \"name\": \"APPLE-SA-2010-05-18-2\", \"refsource\": \"APPLE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\", \"name\": \"SUSE-SR:2010:011\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/43308\", \"name\": \"43308\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"SSRT100179\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"SSRT100089\", \"refsource\": \"HP\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0339.html\", \"name\": \"RHSA-2010:0339\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"HPSBUX02524\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/39292\", \"name\": \"39292\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://support.apple.com/kb/HT4170\", \"name\": \"http://support.apple.com/kb/HT4170\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1523\", \"name\": \"ADV-2010-1523\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"name\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/39065\", \"name\": \"39065\", \"refsource\": \"BID\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"name\": \"SUSE-SR:2010:008\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/39659\", \"name\": \"39659\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0471.html\", \"name\": \"RHSA-2010:0471\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html\", \"name\": \"SUSE-SR:2010:017\", \"refsource\": \"SUSE\"}, {\"url\": \"http://ubuntu.com/usn/usn-923-1\", \"name\": \"USN-923-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"name\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0337.html\", \"name\": \"RHSA-2010:0337\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0489.html\", \"name\": \"RHSA-2010:0489\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"HPSBMA02547\", \"refsource\": \"HP\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-10-056\", \"name\": \"http://www.zerodayinitiative.com/advisories/ZDI-10-056\", \"refsource\": \"MISC\"}, {\"url\": \"http://secunia.com/advisories/40211\", \"name\": \"40211\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://support.apple.com/kb/HT4171\", \"name\": \"http://support.apple.com/kb/HT4171\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974\", \"name\": \"oval:org.mitre.oval:def:9974\", \"refsource\": \"OVAL\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\", \"name\": \"MDVSA-2010:084\", \"refsource\": \"MANDRIVA\"}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"name\": \"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1191\", \"name\": \"ADV-2010-1191\", \"refsource\": \"VUPEN\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \\\"a similar trust issue with interfaces,\\\" aka \\\"Trusted Methods Chaining Remote Code Execution Vulnerability.\\\"\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2010-0840\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2010-0840\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-22T00:05:52.754Z\", \"dateReserved\": \"2010-03-03T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2010-04-01T16:00:00.000Z\", \"assignerShortName\": \"oracle\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…