CVE-2010-0840 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-0840 Interim 1 17 2024-07-04T02:47:03Z current 2021-05-30T12:50:42Z 2024-07-04T02:47:03Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-0840 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability." The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WDOO3QGG6JN72XZOR53BKKEBCVIFTNHA/#WDOO3QGG6JN72XZOR53BKKEBCVIFTNHA E-Mail link for SUSE-SA:2010:026 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FNWVTMLLOMVYNPL3M3AU4J4PBTREWWMF/#FNWVTMLLOMVYNPL3M3AU4J4PBTREWWMF E-Mail link for SUSE-SA:2010:028 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TW7KX2U573VSIY5ETX4SNPRUJGCX6OPK/#TW7KX2U573VSIY5ETX4SNPRUJGCX6OPK E-Mail link for SUSE-SR:2010:008 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ACBTGUNJ6CTYWLVUTLYEKQX3ERY3PSCW/#ACBTGUNJ6CTYWLVUTLYEKQX3ERY3PSCW E-Mail link for SUSE-SR:2010:011 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RKDKQLNEM7RLORAT2NPXV4HKQT2JJMHA/#RKDKQLNEM7RLORAT2NPXV4HKQT2JJMHA E-Mail link for SUSE-SR:2010:017 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 java-1_4_2-ibm-1.4.2_sr13.10-0.4.1 java-1_4_2-ibm-1.4.2_sr13.5-0.1.1 java-1_4_2-ibm-jdbc-1.4.2_sr13.10-0.4.1 java-1_4_2-ibm-jdbc-1.4.2_sr13.18-0.4.1 java-1_4_2-ibm-jdbc-1.4.2_sr13.5-0.1.1 java-1_4_2-ibm-plugin-1.4.2_sr13.10-0.4.1 java-1_4_2-ibm-plugin-1.4.2_sr13.18-0.4.1 java-1_4_2-ibm-plugin-1.4.2_sr13.5-0.1.1 java-1_6_0-ibm-1.6.0_sr8.0-0.1.2 java-1_6_0-ibm-1.6.0_sr8.0-0.7.1 java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-alsa-1.6.0_sr8.0-0.1.2 java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.1.2 java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.7.1 java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.1.2 java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.7.1 java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr8.0-0.1.2 java-1_6_0-ibm-x86-1.6.0-124.7.1 java-1_4_2-ibm-1.4.2_sr13.5-0.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_4_2-ibm-jdbc-1.4.2_sr13.5-0.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_4_2-ibm-plugin-1.4.2_sr13.5-0.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-alsa-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-plugin-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-x86-1.6.0-124.7.1 as a component of SUSE Linux Enterprise Server 11 java-1_4_2-ibm-1.4.2_sr13.5-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA java-1_4_2-ibm-jdbc-1.4.2_sr13.18-0.4.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA java-1_4_2-ibm-plugin-1.4.2_sr13.18-0.4.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA java-1_6_0-ibm-1.6.0_sr8.0-0.7.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.7.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.7.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA java-1_4_2-ibm-1.4.2_sr13.10-0.4.1 as a component of SUSE Linux Enterprise Server 11 SP2 java-1_4_2-ibm-jdbc-1.4.2_sr13.10-0.4.1 as a component of SUSE Linux Enterprise Server 11 SP2 java-1_4_2-ibm-plugin-1.4.2_sr13.10-0.4.1 as a component of SUSE Linux Enterprise Server 11 SP2 java-1_4_2-ibm-1.4.2_sr13.5-0.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_4_2-ibm-jdbc-1.4.2_sr13.5-0.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_4_2-ibm-plugin-1.4.2_sr13.5-0.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-alsa-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-plugin-1.6.0_sr8.0-0.1.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-x86-1.6.0-124.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability." CVE-2010-0840 SUSE Linux Enterprise Server 11:java-1_4_2-ibm-1.4.2_sr13.5-0.1.1 SUSE Linux Enterprise Server 11:java-1_4_2-ibm-jdbc-1.4.2_sr13.5-0.1.1 SUSE Linux Enterprise Server 11:java-1_4_2-ibm-plugin-1.4.2_sr13.5-0.1.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-alsa-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-plugin-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-x86-1.6.0-124.7.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:java-1_4_2-ibm-1.4.2_sr13.5-0.1.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:java-1_4_2-ibm-jdbc-1.4.2_sr13.18-0.4.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:java-1_4_2-ibm-plugin-1.4.2_sr13.18-0.4.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:java-1_6_0-ibm-1.6.0_sr8.0-0.7.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.7.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.7.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.3.1 SUSE Linux Enterprise Server 11 SP2:java-1_4_2-ibm-1.4.2_sr13.10-0.4.1 SUSE Linux Enterprise Server 11 SP2:java-1_4_2-ibm-jdbc-1.4.2_sr13.10-0.4.1 SUSE Linux Enterprise Server 11 SP2:java-1_4_2-ibm-plugin-1.4.2_sr13.10-0.4.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_4_2-ibm-1.4.2_sr13.5-0.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_4_2-ibm-jdbc-1.4.2_sr13.5-0.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_4_2-ibm-plugin-1.4.2_sr13.5-0.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-alsa-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-plugin-1.6.0_sr8.0-0.1.2 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-x86-1.6.0-124.7.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H