{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-15T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to \"Features set on SchemaFactory not inherited by Validator.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-21T18:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"}, {"name": "FEDORA-2011-1631", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"}, {"name": "GLSA-201406-32", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"name": "HPSBMU02799", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"name": "46387", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46387"}, {"name": "FEDORA-2011-1645", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html"}, {"name": "oracle-runtime-dos(65404)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65404"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"}, {"name": "43350", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43350"}, {"name": "RHSA-2011:0282", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"}, {"name": "DSA-2224", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2224"}, {"name": "SSRT100867", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"name": "oval:org.mitre.oval:def:14076", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14076"}, {"name": "oval:org.mitre.oval:def:12887", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12887"}, {"name": "RHSA-2011:0281", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0281.html"}, {"name": "MDVSA-2011:054", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"}, {"name": "HPSBMU02797", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2010-4470", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to \"Features set on SchemaFactory not inherited by Validator.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html", "refsource": "CONFIRM", "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"}, {"name": "FEDORA-2011-1631", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"}, {"name": "GLSA-201406-32", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"name": "HPSBMU02799", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"name": "46387", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46387"}, {"name": "FEDORA-2011-1645", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html"}, {"name": "oracle-runtime-dos(65404)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65404"}, {"name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"}, {"name": "43350", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43350"}, {"name": "RHSA-2011:0282", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"}, {"name": "DSA-2224", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2011/dsa-2224"}, {"name": "SSRT100867", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"name": "oval:org.mitre.oval:def:14076", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14076"}, {"name": "oval:org.mitre.oval:def:12887", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12887"}, {"name": "RHSA-2011:0281", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0281.html"}, {"name": "MDVSA-2011:054", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"}, {"name": "HPSBMU02797", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:43:14.954Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"}, {"name": "FEDORA-2011-1631", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"}, {"name": "GLSA-201406-32", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"name": "HPSBMU02799", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"name": "46387", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46387"}, {"name": "FEDORA-2011-1645", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html"}, {"name": "oracle-runtime-dos(65404)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65404"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"}, {"name": "43350", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43350"}, {"name": "RHSA-2011:0282", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"}, {"name": "DSA-2224", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2224"}, {"name": "SSRT100867", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"name": "oval:org.mitre.oval:def:14076", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14076"}, {"name": "oval:org.mitre.oval:def:12887", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12887"}, {"name": "RHSA-2011:0281", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0281.html"}, {"name": "MDVSA-2011:054", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"}, {"name": "HPSBMU02797", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2010-4470", "datePublished": "2011-02-17T18:31:00", "dateReserved": "2010-12-06T00:00:00", "dateUpdated": "2024-08-07T03:43:14.954Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:jre:*:update_23:*:*:*:*:*:*", "matchCriteriaId": "0863352B-4389-466F-9240-90944DB1B932", "versionEndIncluding": "1.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*", "matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*", "matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*", "matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*", "matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*", "matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*", "matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*", "matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*", "matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*", "matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*", "matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*", "matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*", "matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*", "matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*", "matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*", "matchCriteriaId": "188D2242-7D16-4F8E-AB61-4663804AAC17", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*", "matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*", "matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*", "matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*", "matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*", "matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:jdk:*:update_23:*:*:*:*:*:*", "matchCriteriaId": "F647BC01-31B7-4FF9-B77B-FD4F5B3E708D", "versionEndIncluding": "1.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*", "matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*", "matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*", "matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*", "matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*", "matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*", "matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*", "matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*", "matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*", "matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*", "matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*", "matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*", "matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*", "matchCriteriaId": "ECEDE405-CEF6-4E52-A8AE-28B9274B2289", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*", "matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*", "matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*", "matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*", "matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*", "matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*", "matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*", "matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*", "matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to \"Features set on SchemaFactory not inherited by Validator.\""}, {"lang": "es", "value": "Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones anteriores permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con JAXP y APIs no especificadas. NOTA: la informaci\u00f3n previa fue obtenida de febrero 2011 CPU. Oracle no ha comentado sobre las alegaciones de un proveedor downstream de que este problema est\u00e1 relacionado con \"conjunto Features en SchemaFactory no heredadas por Validator\""}], "id": "CVE-2010-4470", "lastModified": "2017-12-22T02:29:02.107", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-02-17T19:00:01.667", "references": [{"source": "secalert_us@oracle.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html"}, {"source": "secalert_us@oracle.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html"}, {"source": "secalert_us@oracle.com", "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"source": "secalert_us@oracle.com", "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43350"}, {"source": "secalert_us@oracle.com", "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"source": "secalert_us@oracle.com", "url": "http://www.debian.org/security/2011/dsa-2224"}, {"source": "secalert_us@oracle.com", "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0281.html"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/46387"}, {"source": "secalert_us@oracle.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65404"}, {"source": "secalert_us@oracle.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12887"}, {"source": "secalert_us@oracle.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14076"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:0282", "cpe": "cpe:/a:redhat:rhel_extras:4", "package": "java-1.6.0-sun-1:1.6.0.24-1jpp.1.el4", "product_name": "Extras for RHEL 4", "release_date": "2011-02-17T00:00:00Z"}, {"advisory": "RHSA-2011:0281", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "java-1.6.0-openjdk-1:1.6.0.0-1.20.b17.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-02-17T00:00:00Z"}, {"advisory": "RHSA-2011:0281", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "java-1.6.0-openjdk-1:1.6.0.0-1.39.b17.el6_0", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-02-17T00:00:00Z"}, {"advisory": "RHSA-2011:0282", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.6.0-sun-1:1.6.0.24-1jpp.1.el6", "product_name": "Red Hat Enterprise Linux 6 Supplementary", "release_date": "2011-02-17T00:00:00Z"}, {"advisory": "RHSA-2011:0282", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.6.0-sun-1:1.6.0.24-1jpp.1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2011-02-17T00:00:00Z"}], "bugzilla": {"description": "OpenJDK JAXP untrusted component state manipulation (6927050)", "id": "676005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676005"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to \"Features set on SchemaFactory not inherited by Validator.\""], "name": "CVE-2010-4470", "public_date": "2011-02-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-4470\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-4470"], "threat_severity": "Moderate"}