CVE-2010-0838
CVE-2010-0838
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/15056unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751http://lists.apple.com/archives/security-announce/2010//May/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2010//May/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.htmlhttp://marc.info/?l=bugtraq&m=127557596201693&w=2http://marc.info/?l=bugtraq&m=134254866602253&w=2http://secunia.com/advisories/39292http://secunia.com/advisories/39317http://secunia.com/advisories/39659http://secunia.com/advisories/39819http://secunia.com/advisories/40545