Vulnerability Details : CVE-2010-0886
Public exploit exists!
Unspecified vulnerability in the Java Deployment Toolkit component in Oracle Java SE and Java for Business JDK and JRE 6 Update 10 through 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Products affected by CVE-2010-0886
- cpe:2.3:a:sun:jdk:1.6.0:update13:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update12:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update10:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update16:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update15:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update14:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update17:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update18:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update19:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update16:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update17:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update18:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update19:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-0886
77.99%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2010-0886
-
Sun Java Web Start Plugin Command Line Argument Injection
Disclosure Date: 2010-04-09First seen: 2020-04-26exploit/windows/browser/java_ws_arginject_altjvmThis module exploits a flaw in the Web Start plugin component of Sun Java Web Start. The arguments passed to Java Web Start are not properly validated. By passing the lesser known -J option, an attacker can pass arbitrary options directly to the Java runtime. By ut
CVSS scores for CVE-2010-0886
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2010-0886
-
http://sunsolve.sun.com/search/document.do?assetkey=1-66-279590-1
-
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1022294.1-1
-
http://www.vupen.com/english/advisories/2010/1191
Webmail | OVH- OVH
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14216
Repository / Oval Repository
-
http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html
Page not found | OraclePatch;Vendor Advisory
-
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
VMSA-2011-0003.2
-
http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
Apple - Lists.apple.com
-
http://support.apple.com/kb/HT4171
About the security content of Java for Mac OS X 10.6 Update 2 - Apple Support
-
http://lists.apple.com/archives/security-announce/2010//May/msg00002.html
Apple - Lists.apple.com
-
http://support.apple.com/kb/HT4170
About the security content of Java for Mac OS X 10.5 Update 7 - Apple Support
-
http://marc.info/?l=bugtraq&m=134254866602253&w=2
'[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JD' - MARC
-
http://www.securityfocus.com/archive/1/516397/100/0/threaded
SecurityFocus
-
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
VMware vCenter Server 4.1 Update 1 Release Notes
Jump to