Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions.
References
Link Providers
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=134254866602253&w=2 cve-icon cve-icon
http://secunia.com/advisories/41972 cve-icon cve-icon
http://secunia.com/advisories/42377 cve-icon cve-icon
http://secunia.com/advisories/42974 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-201406-32.xml cve-icon cve-icon
http://support.avaya.com/css/P8/documents/100114315 cve-icon cve-icon
http://support.avaya.com/css/P8/documents/100114327 cve-icon cve-icon
http://support.avaya.com/css/P8/documents/100123193 cve-icon cve-icon
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0768.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0770.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0865.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/516397/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/44013 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1010-1 cve-icon cve-icon
http://www.vmware.com/security/advisories/VMSA-2011-0003.html cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/3086 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=639880 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2010-3561 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12200 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12437 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2010-3561 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2010-10-19T21:00:00

Updated: 2024-08-07T03:11:44.429Z

Reserved: 2010-09-20T00:00:00

Link: CVE-2010-3561

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-10-19T22:00:03.237

Modified: 2024-11-21T01:19:06.317

Link: CVE-2010-3561

cve-icon Redhat

Severity : Important

Publid Date: 2010-10-12T00:00:00Z

Links: CVE-2010-3561 - Bugzilla