Sign-up

ID

VAR-201102-0280


CVE

CVE-2010-4476


TITLE

IBM Lotus vulnerable to denial-of-service (DoS)

Trust: 0.8

sources: JVNDB: JVNDB-2011-000018

DESCRIPTION

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308. IBM DB2 contains a denial-of-service (DoS) vulnerability. IBM DB2 contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).An attacker that can create or execute stored procedures may cause a denial-of-service (DoS). plural Oracle Product Java Runtime Environment Components include Java language and APIs There are vulnerabilities that affect availability due to flaws in the handling of.Service disruption by a third party (DoS) An attack may be carried out. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02826781 Version: 1 HPSBTU02684 SSRT100390 rev.1 - HP Tru64 UNIX running Java, Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2011-05-05 Last Updated: 2011-05-05 Potential Security Impact: Remote Denial of Service (DoS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential vulnerability has been identified with HP Tru64 UNIX running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). References: CVE-2010-4476 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Tru64 UNIX running J2SE v 1.42-9 and earlier. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2010-4476 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has made the following software tool available to resolve the vulnerability. To download the FPUpdater tool, go to http://h18012.www1.hp.com/java/alpha/fpupdater_index.html HISTORY Version:1 (rev.1) - 5 May 2011 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Such input strings represent valid numbers and can be contained in data supplied by an attacker over the network, leading to a denial-of-service attack. For the oldstable distribution (lenny), this problem will be fixed in version 6b18-1.8.3-2~lenny1. For technical reasons, this update will be released separately. For the stable distribution (squeeze), this problem has been fixed in version 6b18-1.8.3-2+squeeze1. For the testing distribution (wheezy) and the unstable distribution (sid), this problem will be fixed soon. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2011:054 http://www.mandriva.com/security/ _______________________________________________________________________ Package : java-1.6.0-openjdk Date : March 27, 2011 Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been identified and fixed in java-1.6.0-openjdk: The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader (CVE-2010-4351). NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves DNS cache poisoning by untrusted applets. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable (CVE-2010-4450). NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or clipboard access in Applets. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and backward jsrs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to Features set on SchemaFactory not inherited by Validator. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text (CVE-2010-4471). NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the XML DSig Transform or C14N algorithm implementations. IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are partially signed or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source (CVE-2011-0025). The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of an inappropriate security descriptor. (CVE-2011-0706) Additionally the java-1.5.0-gcj packages were not rebuilt with the shipped version on GCC for 2009.0 and Enterprise Server 5 which caused problems while building the java-1.6.0-openjdk updates, therefore rebuilt java-1.5.0-gcj packages are being provided with this advisory as well. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490 The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4471 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4472 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0025 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0706 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: cfea90f1f20d28bf5a2f628e0a910eaa 2009.0/i586/java-1.5.0-gcj-1.5.0.0-17.1.7.1mdv2009.0.i586.rpm d3188bf2f1da126b4d04e920e331d831 2009.0/i586/java-1.5.0-gcj-devel-1.5.0.0-17.1.7.1mdv2009.0.i586.rpm 1b4994018478f335d49531d9d5e60642 2009.0/i586/java-1.5.0-gcj-javadoc-1.5.0.0-17.1.7.1mdv2009.0.i586.rpm 078af1b826c27ea3c7befc88ace7ebd5 2009.0/i586/java-1.5.0-gcj-src-1.5.0.0-17.1.7.1mdv2009.0.i586.rpm d1c6cba2035f8eada4e351310ebf7be2 2009.0/i586/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2009.0.i586.rpm 8b53c26f88092819346654a339b44622 2009.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-7.b18.5mdv2009.0.i586.rpm fc8af257ef8db0d37f3bfff954740c0b 2009.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-7.b18.5mdv2009.0.i586.rpm 6cd5f5cdb27e4c8936292aef0aa5010c 2009.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-7.b18.5mdv2009.0.i586.rpm 03fdab84535710ac263c08b3870cb062 2009.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-7.b18.5mdv2009.0.i586.rpm 0232ce60d1d6e1072e50a13f2b416fcc 2009.0/i586/java-1.6.0-openjdk-src-1.6.0.0-7.b18.5mdv2009.0.i586.rpm fc94465e0b7e5fe50095c15726d38699 2009.0/SRPMS/java-1.5.0-gcj-1.5.0.0-17.1.7.1mdv2009.0.src.rpm 79aa73d85fe13e803173a9c520ac1bd8 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 5728fe31661213beab52fe97f9af91ad 2009.0/x86_64/java-1.5.0-gcj-1.5.0.0-17.1.7.1mdv2009.0.x86_64.rpm bd5a2a20d168ddcebe29bb109fea38c2 2009.0/x86_64/java-1.5.0-gcj-devel-1.5.0.0-17.1.7.1mdv2009.0.x86_64.rpm a37818a53a8dbfa85d82bcf3bf83e08f 2009.0/x86_64/java-1.5.0-gcj-javadoc-1.5.0.0-17.1.7.1mdv2009.0.x86_64.rpm ed9d1baa365606c512783863da3e0bd8 2009.0/x86_64/java-1.5.0-gcj-src-1.5.0.0-17.1.7.1mdv2009.0.x86_64.rpm b5e70c75ecc67f8f1f7f22ca55059a8b 2009.0/x86_64/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2009.0.x86_64.rpm 071df613e884a9faf3525661280b19d6 2009.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-7.b18.5mdv2009.0.x86_64.rpm 81b79e0a8ae29c5bcff3fa6872ad52e9 2009.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-7.b18.5mdv2009.0.x86_64.rpm b5818cbad798514f02ee26c346d1e077 2009.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-7.b18.5mdv2009.0.x86_64.rpm d80e3970d9279df1f9dddd46bcb01380 2009.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-7.b18.5mdv2009.0.x86_64.rpm d72298b296819ab6791e28449d3cf475 2009.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-7.b18.5mdv2009.0.x86_64.rpm fc94465e0b7e5fe50095c15726d38699 2009.0/SRPMS/java-1.5.0-gcj-1.5.0.0-17.1.7.1mdv2009.0.src.rpm 79aa73d85fe13e803173a9c520ac1bd8 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2009.0.src.rpm Mandriva Linux 2010.0: bbe3a5e4538edd269e8e8c846d02ec50 2010.0/i586/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.0.i586.rpm 825fa39b02a627993df166acad99e002 2010.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-7.b18.5mdv2010.0.i586.rpm b30390e1d4457964f60630c95b36e768 2010.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-7.b18.5mdv2010.0.i586.rpm f6123d9a0852fabdf596850979b58e4d 2010.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-7.b18.5mdv2010.0.i586.rpm f2ec2f80944f1f401154d2fb2c2ad64d 2010.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-7.b18.5mdv2010.0.i586.rpm 68ed360de6ee490d80906fd561459faa 2010.0/i586/java-1.6.0-openjdk-src-1.6.0.0-7.b18.5mdv2010.0.i586.rpm f7cb05087b53d464084c1d9975f914b1 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 11e65a4c18288572327dd4c4f8841f94 2010.0/x86_64/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.0.x86_64.rpm 58bdac45685c3146adb44cb2c006811f 2010.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-7.b18.5mdv2010.0.x86_64.rpm e9dfc0bd42192c92b2a788809226ff27 2010.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-7.b18.5mdv2010.0.x86_64.rpm afcef69bfa7804c70df2684b2ed19634 2010.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-7.b18.5mdv2010.0.x86_64.rpm 64ea6c5ab1b71b8a0f163aa1f7581c69 2010.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-7.b18.5mdv2010.0.x86_64.rpm beb768b3e0714331050baf31a8e88bc9 2010.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-7.b18.5mdv2010.0.x86_64.rpm f7cb05087b53d464084c1d9975f914b1 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.0.src.rpm Mandriva Linux 2010.1: c2736e4b08921bb5de8dbad3e13bb988 2010.1/i586/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.2.i586.rpm 884207fa52ea3e168710dfb3988229d5 2010.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-7.b18.5mdv2010.2.i586.rpm a0d0a86bbc5dcc9d2eff2dc2e14ae083 2010.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-7.b18.5mdv2010.2.i586.rpm dc1dd774b5eb1efb1a785b0ff4bc8f94 2010.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-7.b18.5mdv2010.2.i586.rpm 41cffbd28ed3d467e465328d8369116a 2010.1/i586/java-1.6.0-openjdk-plugin-1.6.0.0-7.b18.5mdv2010.2.i586.rpm ae4064b170d4e2fcd0b4949cd53af79e 2010.1/i586/java-1.6.0-openjdk-src-1.6.0.0-7.b18.5mdv2010.2.i586.rpm f44cc336bcd85dbfd7c589b1b34e1907 2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 556d72a8cf60df24274bb49938a2791c 2010.1/x86_64/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.2.x86_64.rpm e7e183d456383ad562cdb9da84e0f899 2010.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-7.b18.5mdv2010.2.x86_64.rpm 035fccb2950b8a87cd4b597c866d5831 2010.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-7.b18.5mdv2010.2.x86_64.rpm a76c326c10b87a62be32100d0eddd75f 2010.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-7.b18.5mdv2010.2.x86_64.rpm 09ad2b77e3c48b3e16010c8c93fa8f9b 2010.1/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-7.b18.5mdv2010.2.x86_64.rpm 042beb49ddd872902a8faea3e425b792 2010.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-7.b18.5mdv2010.2.x86_64.rpm f44cc336bcd85dbfd7c589b1b34e1907 2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.2.src.rpm Mandriva Enterprise Server 5: 2bf537286d1406c491061e07a73c96ec mes5/i586/java-1.5.0-gcj-1.5.0.0-17.1.7.1mdvmes5.2.i586.rpm fb125806cc547d2c69cf13ae67c835d5 mes5/i586/java-1.5.0-gcj-devel-1.5.0.0-17.1.7.1mdvmes5.2.i586.rpm 657a9fb9b644be8f8a49442a8210d56a mes5/i586/java-1.5.0-gcj-javadoc-1.5.0.0-17.1.7.1mdvmes5.2.i586.rpm fff64cbf465a2a701c248ad5cc4c89c6 mes5/i586/java-1.5.0-gcj-src-1.5.0.0-17.1.7.1mdvmes5.2.i586.rpm 8ba9fe5adad781d341ba764b661c8c92 mes5/i586/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdvmes5.2.i586.rpm 75de95d6064fe9d552795deb0768dfca mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-7.b18.5mdvmes5.2.i586.rpm 9f5ccbfff9afb405baadfc67f8173617 mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-7.b18.5mdvmes5.2.i586.rpm 70de70d7adaccff5397814d31bd51a96 mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-7.b18.5mdvmes5.2.i586.rpm 94b138e8a423f2f8c2ad137577bb4d42 mes5/i586/java-1.6.0-openjdk-plugin-1.6.0.0-7.b18.5mdvmes5.2.i586.rpm fd7dc4b050b6e07ea7686a72c2704ccd mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-7.b18.5mdvmes5.2.i586.rpm 2899dfa5a7491a13e85736bf588913d9 mes5/SRPMS/java-1.5.0-gcj-1.5.0.0-17.1.7.1mdv2009.0.src.rpm 4fc6e8041b5a93a3a71082fb1cbead26 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 11c7cdc078dcd9cf30e818f4fb4c4e1f mes5/x86_64/java-1.5.0-gcj-1.5.0.0-17.1.7.1mdvmes5.2.x86_64.rpm 6c6185f429a1672255e30cf00c2af065 mes5/x86_64/java-1.5.0-gcj-devel-1.5.0.0-17.1.7.1mdvmes5.2.x86_64.rpm f194361aa7a5cfeec17745f0ee158962 mes5/x86_64/java-1.5.0-gcj-javadoc-1.5.0.0-17.1.7.1mdvmes5.2.x86_64.rpm 7d2679d156a618d7ba847ba2ebcede4b mes5/x86_64/java-1.5.0-gcj-src-1.5.0.0-17.1.7.1mdvmes5.2.x86_64.rpm 8ae3d0065764f69d1546a61b895a4244 mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdvmes5.2.x86_64.rpm 8ef4ab6f5f8f421c1b36dfae807350a5 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-7.b18.5mdvmes5.2.x86_64.rpm d504a7493fc86d5750c849f738bb6167 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-7.b18.5mdvmes5.2.x86_64.rpm 3c044a087cc5225fd9ad138dcea5fa7d mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-7.b18.5mdvmes5.2.x86_64.rpm b89fa5785567340525aa5b57c8b9440c mes5/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-7.b18.5mdvmes5.2.x86_64.rpm 3dc504dbf7161b1026bf41298118a819 mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-7.b18.5mdvmes5.2.x86_64.rpm 2899dfa5a7491a13e85736bf588913d9 mes5/SRPMS/java-1.5.0-gcj-1.5.0.0-17.1.7.1mdv2009.0.src.rpm 4fc6e8041b5a93a3a71082fb1cbead26 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-7.b18.5mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFNj4A1mqjQ0CJFipgRAqd9AKDH+zN9xFfcPlQmGWMRSOqb+xjI4QCfbvvt DHgr6vgcxh6XXAElZkDBIws= =7L47 -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apache Tomcat Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43198 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43198/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43198 RELEASE DATE: 2011-02-07 DISCUSS ADVISORY: http://secunia.com/advisories/43198/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43198/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43198 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) An error due to the "ServletContect" attribute improperly being restricted to read-only when running under a SecurityManager can be exploited by a malicious web application to use an arbitrary working directory with read-write privileges. 2) Certain input (e.g. display names) is not properly sanitised in the HTML Manager interface before being returned to the user. 3) An error within the JVM when accessing a page that calls "javax.servlet.ServletRequest.getLocale()" or "javax.servlet.ServletRequest.getLocales()" functions can be exploited to cause the process to hang via a web request containing specially crafted headers (e.g. "Accept-Language"). This vulnerability is reported in versions prior to 5.5.33. PROVIDED AND/OR DISCOVERED BY: 1, 2) Reported by the vendor. 3) Konstantin Preiber ORIGINAL ADVISORY: Apache Tomcat: http://tomcat.apache.org/security-5.html http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0075.html Konstantin Preiber: http://www.exploringbinary.com/why-volatile-fixes-the-2-2250738585072011e-308-bug/comment-page-1/#comment-4645 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ---------------------------------------------------------------------- Get a tax break on purchases of Secunia Solutions! If you are a U.S. company, you may be qualified for a tax break for your software purchases. The vulnerability is caused due to an error in the "doubleValue()" method in FloatingDecimal.java when converting "2.2250738585072012e-308" from a string type to a double precision binary floating point and can be exploited to cause an infinite loop. * Sun SDK 1.4.2_29 and prior. SOLUTION: Apply patch via the FPUpdater tool. =========================================================== Ubuntu Security Notice USN-1079-3 March 17, 2011 openjdk-6b18 vulnerabilities CVE-2010-4448, CVE-2010-4450, CVE-2010-4465, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4476, CVE-2011-0706 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 10.10: icedtea6-plugin 6b18-1.8.7-0ubuntu2.1 openjdk-6-jre 6b18-1.8.7-0ubuntu2.1 openjdk-6-jre-headless 6b18-1.8.7-0ubuntu2.1 After a standard system update you need to restart any Java services, applications or applets to make all the necessary changes. Details follow: USN-1079-2 fixed vulnerabilities in OpenJDK 6 for armel (ARM) architectures in Ubuntu 9.10 and Ubuntu 10.04 LTS. This update fixes vulnerabilities in OpenJDK 6 for armel (ARM) architectures for Ubuntu 10.10. Original advisory details: It was discovered that untrusted Java applets could create domain name resolution cache entries, allowing an attacker to manipulate name resolution within the JVM. (CVE-2010-4448) It was discovered that the Java launcher did not did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program. (CVE-2010-4450) It was discovered that within the Swing library, forged timer events could allow bypass of SecurityManager checks. This could allow an attacker to access restricted resources. (CVE-2010-4465) It was discovered that certain bytecode combinations confused memory management within the HotSpot JVM. (CVE-2010-4469) It was discovered that the way JAXP components were handled allowed them to be manipulated by untrusted applets. An attacker could use this to bypass XML processing restrictions and elevate privileges. (CVE-2010-4470) It was discovered that the Java2D subcomponent, when processing broken CFF fonts could leak system properties. (CVE-2010-4471) It was discovered that a flaw in the XML Digital Signature component could allow an attacker to cause untrusted code to replace the XML Digital Signature Transform or C14N algorithm implementations. (CVE-2010-4472) Konstantin Prei\xdfer and others discovered that specific double literals were improperly handled, allowing a remote attacker to cause a denial of service. (CVE-2011-0706) Updated packages for Ubuntu 10.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7-0ubuntu2.1.diff.gz Size/MD5: 149561 b35ae7a82db49282379d36e7ece58484 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7-0ubuntu2.1.dsc Size/MD5: 3015 04cb459aeaab6c228e722caf07a44de9 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7.orig.tar.gz Size/MD5: 71430490 b2811b2e53cd9abaad6959d33fe10d19 armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea-6-jre-cacao_6b18-1.8.7-0ubuntu2.1_armel.deb Size/MD5: 377802 d4439da20492eafbccb33e2fe979e8c9 http://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea6-plugin_6b18-1.8.7-0ubuntu2.1_armel.deb Size/MD5: 78338 7bdf93e00fd81dc82fd0d9a8b4e905c7 http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-dbg_6b18-1.8.7-0ubuntu2.1_armel.deb Size/MD5: 85497146 1512e0d6563dd5120729cf5b993c618c http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-demo_6b18-1.8.7-0ubuntu2.1_armel.deb Size/MD5: 1545620 544c54891d44bdac534c81318a7f2bcb http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jdk_6b18-1.8.7-0ubuntu2.1_armel.deb Size/MD5: 9140042 0a2d6ed937081800baeb6fc55326a754 http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre-headless_6b18-1.8.7-0ubuntu2.1_armel.deb Size/MD5: 30092886 4cc5ad7c54638278e55ee7d2acaab413 http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre_6b18-1.8.7-0ubuntu2.1_armel.deb Size/MD5: 266102 4278c2c06387cf883325356efda3c4d4 http://ports.ubuntu.com/pool/universe/o/openjdk-6b18/openjdk-6-jre-zero_6b18-1.8.7-0ubuntu2.1_armel.deb Size/MD5: 1959296 6becfb4d5a2ecbe7aee622b84df57f12 . Background ========== IcedTea is a distribution of the Java OpenJDK source code built with free build tools. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0013 Synopsis: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Issue date: 2011-10-27 Updated on: 2011-10-27 (initial release of advisory) CVE numbers: --- openssl --- CVE-2008-7270 CVE-2010-4180 --- libuser --- CVE-2011-0002 --- nss, nspr --- CVE-2010-3170 CVE-2010-3173 --- Oracle (Sun) JRE 1.6.0 --- CVE-2010-1321 CVE-2010-3541 CVE-2010-3548 CVE-2010-3549 CVE-2010-3550 CVE-2010-3551 CVE-2010-3552 CVE-2010-3553 CVE-2010-3554 CVE-2010-3555 CVE-2010-3556 CVE-2010-3557 CVE-2010-3558 CVE-2010-3559 CVE-2010-3560 CVE-2010-3561 CVE-2010-3562 CVE-2010-3563 CVE-2010-3565 CVE-2010-3566 CVE-2010-3567 CVE-2010-3568 CVE-2010-3569 CVE-2010-3570 CVE-2010-3571 CVE-2010-3572 CVE-2010-3573 CVE-2010-3574 CVE-2010-4422 CVE-2010-4447 CVE-2010-4448 CVE-2010-4450 CVE-2010-4451 CVE-2010-4452 CVE-2010-4454 CVE-2010-4462 CVE-2010-4463 CVE-2010-4465 CVE-2010-4466 CVE-2010-4467 CVE-2010-4468 CVE-2010-4469 CVE-2010-4470 CVE-2010-4471 CVE-2010-4472 CVE-2010-4473 CVE-2010-4474 CVE-2010-4475 CVE-2010-4476 --- Oracle (Sun) JRE 1.5.0 --- CVE-2010-4447 CVE-2010-4448 CVE-2010-4450 CVE-2010-4454 CVE-2010-4462 CVE-2010-4465 CVE-2010-4466 CVE-2010-4468 CVE-2010-4469 CVE-2010-4473 CVE-2010-4475 CVE-2010-4476 CVE-2011-0862 CVE-2011-0873 CVE-2011-0815 CVE-2011-0864 CVE-2011-0802 CVE-2011-0814 CVE-2011-0871 CVE-2011-0867 CVE-2011-0865 --- SFCB --- CVE-2010-2054 - ------------------------------------------------------------------------ 1. Summary Update 2 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1 and ESX 4.1 addresses several security issues. 2. Relevant releases vCenter Server 4.1 without Update 2 vCenter Update Manager 4.1 without Update 2 ESXi 4.1 without patch ESX410-201110201-SG. ESX 4.1 without patches ESX410-201110201-SG, ESX410-201110204-SG, ESX410-201110206-SG,ESX410-201110214-SG. 3. Problem Description a. ESX third party update for Service Console openssl RPM The Service Console openssl RPM is updated to openssl-0.9.8e.12.el5_5.7 resolving two security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-7270 and CVE-2010-4180 to these issues. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ========= ======== ======= ================= vCenter any Windows not affected hosted* any any not affected ESXi any any not affected ESX 4.1 ESX ESX410-201110204-SG ESX 4.0 ESX patch pending ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. b. ESX third party update for Service Console libuser RPM The Service Console libuser RPM is updated to version 0.54.7-2.1.el5_5.2 to resolve a security issue. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2011-0002 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ========= ======== ======= ================= vCenter any Windows not affected hosted* any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201110206-SG ESX 4.0 ESX patch pending ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. c. ESX third party update for Service Console nss and nspr RPMs The Service Console Network Security Services (NSS) and Netscape Portable Runtime (NSPR) libraries are updated to nspr-4.8.6-1 and nss-3.12.8-4 resolving multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3170 and CVE-2010-3173 to these issues. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ========= ======== ======= ================= vCenter any Windows not affected hosted* any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201110214-SG ESX 4.0 ESX patch pending ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. d. vCenter Server and ESX, Oracle (Sun) JRE update 1.6.0_24 Oracle (Sun) JRE is updated to version 1.6.0_24, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.6.0_24: CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4451, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4473, CVE-2010-4474, CVE-2010-4475 and CVE-2010-4476. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.6.0_22: CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3552, CVE-2010-3553, CVE-2010-3554, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3559, CVE-2010-3560, CVE-2010-3561, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3570, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573 and CVE-2010-3574. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 5.0 Windows not affected vCenter 4.1 Windows Update 2 vCenter 4.0 Windows not applicable ** VirtualCenter 2.5 Windows not applicable ** Update Manager 5.0 Windows not affected Update Manager 4.1 Windows not applicable ** Update Manager 4.0 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201110201-SG ESX 4.0 ESX not applicable ** ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.5.0 family e. vCenter Update Manager Oracle (Sun) JRE update 1.5.0_30 Oracle (Sun) JRE is updated to version 1.5.0_30, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_30: CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0864, CVE-2011-0802, CVE-2011-0814, CVE-2011-0871, CVE-2011-0867 and CVE-2011-0865. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_28: CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4454, CVE-2010-4462, CVE-2010-4465, CVE-2010-4466, CVE-2010-4468, CVE-2010-4469, CVE-2010-4473, CVE-2010-4475, CVE-2010-4476. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 5.0 Windows not applicable ** vCenter 4.1 Windows not applicable ** vCenter 4.0 Windows patch pending VirtualCenter 2.5 Windows patch pending Update Manager 5.0 Windows not applicable ** Update Manager 4.1 Windows Update 2 Update Manager 4.0 Windows patch pending hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX not applicable ** ESX 4.0 ESX patch pending ESX 3.5 ESX patch pending ESX 3.0.3 ESX affected, no patch planned * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family f. Integer overflow in VMware third party component sfcb This release resolves an integer overflow issue present in the third party library SFCB when the httpMaxContentLength has been changed from its default value to 0 in in /etc/sfcb/sfcb.cfg. The integer overflow could allow remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2054 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ========= ======== ======= ================= vCenter any Windows not affected hosted* any any not affected ESXi 5.0 ESXi not affected ESXi 4.1 ESXi ESXi410-201110201-SG ESXi 4.0 ESXi not affected ESXi 3.5 ESXi not affected ESX 4.1 ESX ESX410-201110201-SG ESX 4.0 ESX not affected ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. VMware vCenter Server 4.1 ---------------------------------------------- vCenter Server 4.1 Update 2 The download for vCenter Server includes VMware Update Manager. Download link: http://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_1 Release Notes: http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html https://www.vmware.com/support/pubs/vum_pubs.html File: VMware-VIMSetup-all-4.1.0-493063.iso md5sum: d132326846a85bfc9ebbc53defeee6e1 sha1sum: 192c3e5d2a10bbe53c025cc7eedb3133a23e0541 File: VMware-VIMSetup-all-4.1.0-493063.zip md5sum: 7fd7b09e501bd8fde52649b395491222 sha1sum: 46dd00e7c594ac672a5d7c3c27d15be2f5a5f1f1 File: VMware-viclient-all-4.1.0-491557.exe md5sum: dafd31619ae66da65115ac3900697e3a sha1sum: 98be4d349c9a655621c068d105593be4a8e542ef VMware ESXi 4.1 --------------- VMware ESXi 4.1 Update 2 Download link: http://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_1 Release Notes: https://www.vmware.com/support/pubs/vs_pages/vsp_pubs_esxi41_i_vc41.html File: VMware-VMvisor-Installer-4.1.0.update02-502767.x86_64.iso md5sum: 0aa78790a336c5fc6ba3d9807c98bfea sha1sum: 7eebd34ab5bdc81401ae20dcf59a8f8ae22086ce File: upgrade-from-esxi4.0-to-4.1-update02-502767.zip md5sum: 459d9142a885854ef0fa6edd8d6a5677 sha1sum: 75978b6f0fc3b0ccc63babe6a65cfde6ec420d33 File: upgrade-from-ESXi3.5-to-4.1_update02.502767.zip md5sum: 3047fac78a4aaa05cf9528d62fad9d73 sha1sum: dc99b6ff352ace77d5513b4c6d8a2cb7e766a09f File: VMware-tools-linux-8.3.12-493255.iso md5sum: 63028f2bf605d26798ac24525a0e6208 sha1sum: 95ca96eec7817da9d6e0c326ac44d8b050328932 File: VMware-viclient-all-4.1.0-491557.exe md5sum: dafd31619ae66da65115ac3900697e3a sha1sum: 98be4d349c9a655621c068d105593be4a8e542ef VMware ESXi 4.1 Update 2 contains ESXi410-201110201-SG. VMware ESX 4.1 -------------- VMware ESX 4.1 Update 2 Download link: http://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_1 Release Notes: http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html File: ESX-4.1.0-update02-502767.iso md5sum: 9a2b524446cbd756f0f1c7d8d88077f8 sha1sum: 2824c0628c341357a180b3ab20eb2b7ef1bee61c File: pre-upgrade-from-esx4.0-to-4.1-502767.zip md5sum: 9060ad94d9d3bad7d4fa3e4af69a41cf sha1sum: 9b96ba630377946c42a8ce96f0b5745c56ca46b4 File: upgrade-from-esx4.0-to-4.1-update02-502767.zip md5sum: 4b60f36ee89db8cb7e1243aa02cdb549 sha1sum: 6b9168a1b01379dce7db9d79fd280509e16d013f File: VMware-tools-linux-8.3.12-493255.iso md5sum: 63028f2bf605d26798ac24525a0e6208 sha1sum: 95ca96eec7817da9d6e0c326ac44d8b050328932 File: VMware-viclient-all-4.1.0-491557.exe md5sum: dafd31619ae66da65115ac3900697e3a sha1sum: 98be4d349c9a655621c068d105593be4a8e542ef VMware ESX 4.1 Update 2 contains ESX410-201110204-SG, ESX410-201110206-SG, ESX410-201110201-SG and ESX410-201110214-SG. 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7270 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3552 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3563 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4451 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4452 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4454 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4454 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4462 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4462 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4466 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4466 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4467 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4471 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4472 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4473 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4473 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4474 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4475 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4475 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0002 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873 - ------------------------------------------------------------------------ 6. Change log 2011-10-27 VMSA-2011-0013 Initial security advisory in conjunction with the release of Update 2 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1 and ESX 4.1 on 2011-10-27. - ------------------------------------------------------------------------ 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2011 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6qRrIACgkQDEcm8Vbi9kPemwCeM4Q4S8aRp8X/8/LQ8NGVdU8l lJkAmweROyq5t0iWwM0EN2iP9ly6trbc =Dm8O -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Oracle JRE/JDK: Multiple vulnerabilities Date: November 05, 2011 Bugs: #340421, #354213, #370559, #387851 ID: 201111-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 * 2 app-emulation/emul-linux-x86-java < 1.6.0.29 >= 1.6.0.29 * 3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 * ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 3 affected packages ------------------------------------------------------------------- Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below and the associated Oracle Critical Patch Update Advisory for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.6 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29" All Oracle JRE 1.6 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29" All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29" NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. This limitation is not present on a non-fetch restricted implementation such as dev-java/icedtea-bin. References ========== [ 1 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 2 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 3 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 4 ] CVE-2010-3550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550 [ 5 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 6 ] CVE-2010-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552 [ 7 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 8 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 9 ] CVE-2010-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555 [ 10 ] CVE-2010-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556 [ 11 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 12 ] CVE-2010-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558 [ 13 ] CVE-2010-3559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559 [ 14 ] CVE-2010-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560 [ 15 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 16 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 17 ] CVE-2010-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563 [ 18 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 19 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 20 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 21 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 22 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 23 ] CVE-2010-3570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570 [ 24 ] CVE-2010-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571 [ 25 ] CVE-2010-3572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572 [ 26 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 27 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 28 ] CVE-2010-4422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422 [ 29 ] CVE-2010-4447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447 [ 30 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 31 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 32 ] CVE-2010-4451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451 [ 33 ] CVE-2010-4452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452 [ 34 ] CVE-2010-4454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454 [ 35 ] CVE-2010-4462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462 [ 36 ] CVE-2010-4463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463 [ 37 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 38 ] CVE-2010-4466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466 [ 39 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 40 ] CVE-2010-4468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468 [ 41 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 42 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 43 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 44 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 45 ] CVE-2010-4473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473 [ 46 ] CVE-2010-4474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474 [ 47 ] CVE-2010-4475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475 [ 48 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 49 ] CVE-2011-0802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802 [ 50 ] CVE-2011-0814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814 [ 51 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 52 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 53 ] CVE-2011-0863 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863 [ 54 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 55 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 56 ] CVE-2011-0867 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867 [ 57 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 58 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 59 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 60 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 61 ] CVE-2011-0873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873 [ 62 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 63 ] CVE-2011-3516 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516 [ 64 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 65 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 66 ] CVE-2011-3545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545 [ 67 ] CVE-2011-3546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546 [ 68 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 69 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 70 ] CVE-2011-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549 [ 71 ] CVE-2011-3550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550 [ 72 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 73 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 74 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 75 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 76 ] CVE-2011-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555 [ 77 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 78 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 79 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 80 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 81 ] CVE-2011-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201111-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Customers should open a support case to request the following hotfixes. NNMi Version / Operating System Required Patch Hotfix 9.1x HP-UX Patch 4 Hotfix-NNMi-9.1xP4-HP-UX-JDK-20120710.zip 9.1x Linux Patch 4 Hotfix-NNMi-9.1xP4-Linux-JDK-20120523.zip 9.1x Solaris Patch 4 Hotfix-NNMi-9.1xP4-Solaris-JDK-20120523.zip 9.1x Windows Patch 4 Hotfix-NNMi-9.1xP4-Windows-JDK-20120523.zip Note: The hotfix must be installed after the required patch. The hotfix must be reinstalled if the required patch is reinstalled. PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com

Trust: 4.23

sources: NVD: CVE-2010-4476 // JVNDB: JVNDB-2011-000016 // JVNDB: JVNDB-2011-001185 // JVNDB: JVNDB-2011-000018 // PACKETSTORM: 101246 // PACKETSTORM: 98452 // PACKETSTORM: 111920 // PACKETSTORM: 99798 // PACKETSTORM: 98186 // PACKETSTORM: 98322 // VULMON: CVE-2010-4476 // PACKETSTORM: 99459 // PACKETSTORM: 127267 // PACKETSTORM: 106330 // PACKETSTORM: 106640 // PACKETSTORM: 121037 // PACKETSTORM: 114812

AFFECTED PRODUCTS

vendor:hewlett packard l pmodel:hp systems insight managerscope:eqversion:prior to v7.0

Trust: 1.6

vendor:sunmodel:jrescope:eqversion:1.4.2_20

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_4

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_21

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_3

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_27

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_6

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_19

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_9

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_2

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_25

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_23

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_17

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_15

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.5.0

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_3

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_4

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_6

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_5

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_14

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:lteversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:lteversion:1.5.0

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_24

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_9

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_8

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_26

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_11

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_23

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_18

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_22

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_16

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_15

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_17

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_10

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_5

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_14

Trust: 1.0

vendor:sunmodel:sdkscope:lteversion:1.4.2_29

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_28

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_24

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_7

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_12

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_8

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_26

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_1

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_13

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_19

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_20

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_02

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_18

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_21

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_11

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_16

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_22

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_27

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_10

Trust: 1.0

vendor:sunmodel:jrescope:lteversion:1.6.0

Trust: 1.0

vendor:sunmodel:jrescope:lteversion:1.5.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.5.0

Trust: 1.0

vendor:sunmodel:jrescope:lteversion:1.4.2_29

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_28

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_7

Trust: 1.0

vendor:sunmodel:sdkscope:eqversion:1.4.2_25

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_12

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_1

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.4.2_13

Trust: 1.0

vendor:ibmmodel:formsscope:eqversion:4.0, 3.5

Trust: 0.8

vendor:ibmmodel:lotus expeditorscope:eqversion:6.2

Trust: 0.8

vendor:ibmmodel:lotus quickrscope:eqversion:for websphere portal 8.5, 8.1, 8.0

Trust: 0.8

vendor:ibmmodel:mashup centerscope:eqversion:3.0, 2.0, 1.1, 1.0

Trust: 0.8

vendor:ibmmodel:websphere dashboard frameworkscope:eqversion:6.1, 6.0

Trust: 0.8

vendor:ibmmodel:lotus activeinsightscope:eqversion:6.1, 6.0

Trust: 0.8

vendor:ibmmodel:lotus connectionsscope:eqversion:3.0, 2.5, 2.0, 1.0

Trust: 0.8

vendor:ibmmodel:lotus mashupsscope:eqversion:3.0, 2.0, 1.1, 1.0

Trust: 0.8

vendor:ibmmodel:lotus sametime advancedscope:eqversion:8.0

Trust: 0.8

vendor:ibmmodel:lotus sametime standardscope:eqversion:8.5

Trust: 0.8

vendor:ibmmodel:lotus sametime unified telephonyscope:eqversion:8.5.1, 8.0

Trust: 0.8

vendor:ibmmodel:lotus web content managementscope:eqversion:7.0, 6.1

Trust: 0.8

vendor:ibmmodel:lotus workforce managementscope:eqversion:6.1

Trust: 0.8

vendor:ibmmodel:websphere portlet factoryscope:eqversion:7.0, 6.1

Trust: 0.8

vendor:ibmmodel:workplace web content managementscope:eqversion:6.0

Trust: 0.8

vendor:ibmmodel:db2scope:eqversion:for linux, unix, and windows version 9.1 fp0 to fp10

Trust: 0.8

vendor:ibmmodel:db2scope:eqversion:for linux, unix, and windows version 9.5 fp0 to fp7

Trust: 0.8

vendor:ibmmodel:db2scope:eqversion:for linux, unix, and windows version 9.7 fp0 to fp3a

Trust: 0.8

vendor:ibmmodel:websphere application serverscope:eqversion:v6.0 to v6.0.2.43

Trust: 0.8

vendor:ibmmodel:websphere application serverscope:eqversion:v6.1 to v6.1.0.35

Trust: 0.8

vendor:ibmmodel:websphere application serverscope:eqversion:v7.0 to v7.0.0.13

Trust: 0.8

vendor:vmwaremodel:esxscope:eqversion:3.0.3

Trust: 0.8

vendor:vmwaremodel:esxscope:eqversion:3.5

Trust: 0.8

vendor:vmwaremodel:esxscope:eqversion:4.0

Trust: 0.8

vendor:vmwaremodel:esxscope:eqversion:4.1

Trust: 0.8

vendor:vmwaremodel:esxiscope: - version: -

Trust: 0.8

vendor:vmwaremodel:vcenterscope:eqversion:4.0 (windows)

Trust: 0.8

vendor:vmwaremodel:vcenterscope:eqversion:4.1 (windows)

Trust: 0.8

vendor:vmwaremodel:vcenterscope:eqversion:5.0 (windows)

Trust: 0.8

vendor:vmwaremodel:virtualcenterscope:eqversion:2.5 (windows)

Trust: 0.8

vendor:vmwaremodel:vsphere update managerscope:eqversion:4.0 (windows)

Trust: 0.8

vendor:vmwaremodel:vsphere update managerscope:eqversion:4.1 (windows)

Trust: 0.8

vendor:vmwaremodel:vsphere update managerscope:eqversion:5.0 (windows)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6.6

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.6

Trust: 0.8

vendor:oraclemodel:iplanet web serverscope:eqversion:6.1

Trust: 0.8

vendor:oraclemodel:iplanet web serverscope:eqversion:7.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3 (x86)

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3 (x86-64)

Trust: 0.8

vendor:sun microsystemsmodel:jdkscope:lteversion:5.0 update 27

Trust: 0.8

vendor:sun microsystemsmodel:jdkscope:lteversion:6 update 23

Trust: 0.8

vendor:sun microsystemsmodel:jrescope:lteversion:1.4.2_29

Trust: 0.8

vendor:sun microsystemsmodel:jrescope:lteversion:5.0 update 27

Trust: 0.8

vendor:sun microsystemsmodel:jrescope:lteversion:6 update 23

Trust: 0.8

vendor:sun microsystemsmodel:sdkscope:lteversion:1.4.2_29

Trust: 0.8

vendor:hewlett packardmodel:hp systems insight managerscope:ltversion:7.0

Trust: 0.8

vendor:hewlett packardmodel:hp tru64 unixscope:lteversion:running j2se v 1.42-9

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.11

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23 (ia)

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23 (pa)

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.31

Trust: 0.8

vendor:hewlett packardmodel:hp-ux tomcat-based servlet enginescope:eqversion:5.5.30.04

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:5 (server)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:5.0 (client)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux extrasscope:eqversion:4 extras

Trust: 0.8

vendor:red hatmodel:enterprise linux extrasscope:eqversion:4.8.z extras

Trust: 0.8

vendor:red hatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:rhel desktop supplementaryscope:eqversion:5 (client)

Trust: 0.8

vendor:red hatmodel:rhel desktop supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:rhel desktop workstationscope:eqversion:5 (client)

Trust: 0.8

vendor:red hatmodel:rhel supplementaryscope:eqversion:5 (server)

Trust: 0.8

vendor:necmodel:systemdirector enterprisescope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus application serverscope:eqversion:enterprise version 6

Trust: 0.8

vendor:hitachimodel:cosminexus application serverscope:eqversion:standard version 6

Trust: 0.8

vendor:hitachimodel:cosminexus application serverscope:eqversion:version 5

Trust: 0.8

vendor:hitachimodel:cosminexus clientscope:eqversion:version 6

Trust: 0.8

vendor:hitachimodel:cosminexus collaborationscope:eqversion:- server

Trust: 0.8

vendor:hitachimodel:cosminexus developerscope:eqversion:light version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developerscope:eqversion:professional version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developerscope:eqversion:standard version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developerscope:eqversion:version 5

Trust: 0.8

vendor:hitachimodel:cosminexus serverscope:eqversion:- standard edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus serverscope:eqversion:- web edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:- standard edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:- web edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:version 5

Trust: 0.8

vendor:hitachimodel:groupmax collaborationscope:eqversion:- server

Trust: 0.8

vendor:hitachimodel:hirdb realtime monitorscope: - version: -

Trust: 0.8

vendor:hitachimodel:developer's kit for javascope: - version: -

Trust: 0.8

vendor:hitachimodel:device managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:global link managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:it operations analyzerscope: - version: -

Trust: 0.8

vendor:hitachimodel:it operations directorscope: - version: -

Trust: 0.8

vendor:hitachimodel:provisioning managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:replication managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:tiered storage managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:tuning managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:job management partner 1/automatic job management system 2scope:eqversion:- web operation assistant( english edition )

Trust: 0.8

vendor:hitachimodel:job management partner 1/automatic job management system 2scope:eqversion:- web operation assistant/ex( english edition )

Trust: 0.8

vendor:hitachimodel:job management partner 1/automatic job management system 3scope:eqversion:- web operation assistant( english edition )

Trust: 0.8

vendor:hitachimodel:job management partner 1/performance management - web consolescope:eqversion:( overseas edition )

Trust: 0.8

vendor:hitachimodel:jp1/automatic job management system 2scope:eqversion:- web operation assistant

Trust: 0.8

vendor:hitachimodel:jp1/automatic job management system 3scope:eqversion:- web operation assistant

Trust: 0.8

vendor:hitachimodel:jp1/cm2/network node managerscope:eqversion:none

Trust: 0.8

vendor:hitachimodel:jp1/cm2/network node managerscope:eqversion:i

Trust: 0.8

vendor:hitachimodel:jp1/cm2/network node managerscope:eqversion:i advanced

Trust: 0.8

vendor:hitachimodel:jp1/cm2/network node managerscope:eqversion:starter edition 250

Trust: 0.8

vendor:hitachimodel:jp1/cm2/network node managerscope:eqversion:starter edition enterprise

Trust: 0.8

vendor:hitachimodel:jp1/cm2/snmp system observerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand device managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand global link availability managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand provisioning managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand replication monitorscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand tiered storage managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand tuning managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/integrated managementscope:eqversion:- service support

Trust: 0.8

vendor:hitachimodel:jp1/it resource managementscope:eqversion:- manager

Trust: 0.8

vendor:hitachimodel:jp1/performance managementscope:eqversion:- web console

Trust: 0.8

vendor:hitachimodel:jp1/performance managementscope:eqversion:- web console( overseas edition )

Trust: 0.8

vendor:hitachimodel:jp1/serverconductor/control managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:processing kit for xmlscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:enterprise

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:standard

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:standard-r

Trust: 0.8

vendor:hitachimodel:ucosminexus clientscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus collaborationscope:eqversion:- server

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:light

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:standard

Trust: 0.8

vendor:hitachimodel:ucosminexus navigationscope:eqversion:developer

Trust: 0.8

vendor:hitachimodel:ucosminexus navigationscope:eqversion:platform

Trust: 0.8

vendor:hitachimodel:ucosminexus navigationscope:eqversion:platform - authoring license

Trust: 0.8

vendor:hitachimodel:ucosminexus navigationscope:eqversion:platform - user license

Trust: 0.8

vendor:hitachimodel:ucosminexus operatorscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus portal frameworkscope:eqversion:entry set

Trust: 0.8

vendor:hitachimodel:ucosminexus reporting basescope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus servicescope:eqversion:architect

Trust: 0.8

vendor:hitachimodel:ucosminexus servicescope:eqversion:platform

Trust: 0.8

vendor:hitachimodel:ucosminexus stream data platformscope:eqversion:none

Trust: 0.8

vendor:hitachimodel:ucosminexus stream data platformscope:eqversion:- application framework

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:standard set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:developer client set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:developer set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:professional library set

Trust: 0.8

vendor:fujitsumodel:internet navigware serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application development cycle managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application framework suitescope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage apworksscope:eqversion:server operation package

Trust: 0.8

vendor:fujitsumodel:interstage business application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage job workload serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage list worksscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage service integratorscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage web serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage xml business activity recorderscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker availability viewscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker centric managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker it change managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker it process masterscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker resource coordinatorscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker service quality coordinatorscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2011-000018 // JVNDB: JVNDB-2011-000016 // JVNDB: JVNDB-2011-001185 // NVD: CVE-2010-4476

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-4476
value: MEDIUM

Trust: 1.0

IPA: JVNDB-2011-000018
value: MEDIUM

Trust: 0.8

IPA: JVNDB-2011-000016
value: MEDIUM

Trust: 0.8

NVD: CVE-2010-4476
value: MEDIUM

Trust: 0.8

VULMON: CVE-2010-4476
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-4476
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

IPA: JVNDB-2011-000018
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2011-000016
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: VULMON: CVE-2010-4476 // JVNDB: JVNDB-2011-000018 // JVNDB: JVNDB-2011-000016 // JVNDB: JVNDB-2011-001185 // NVD: CVE-2010-4476

PROBLEMTYPE DATA

problemtype:CWE-189

Trust: 1.6

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-DesignError

Trust: 0.8

sources: JVNDB: JVNDB-2011-000018 // JVNDB: JVNDB-2011-000016 // JVNDB: JVNDB-2011-001185 // NVD: CVE-2010-4476

THREAT TYPE

remote, local

Trust: 0.1

sources: PACKETSTORM: 99459

TYPE

arbitrary, code execution

Trust: 0.1

sources: PACKETSTORM: 127267

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-000018

EXPLOIT AVAILABILITY
sources:
            
            
            VULMON: CVE-2010-4476

PATCH
title:HPSBMU02769 SSRT100846url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151
Trust: 2.4
title:NV18-002url:http://jpn.nec.com/security-info/secinfo/nv18-002.html
Trust: 2.4
title:1462146url:http://www-01.ibm.com/support/docview.wss?uid=swg21462146
Trust: 0.8
title:1462136url:http://www.ibm.com/support/docview.wss?uid=swg21462136
Trust: 0.8
title:cve-2010-4476url:http://www.ibm.com/developerworks/java/jdk/alerts/cve-2010-4476.html
Trust: 0.8
title:1469029url:https://www-304.ibm.com/support/docview.wss?uid=swg21469029
Trust: 0.8
title:security-5.html#Not_a_vulnerability_in_Tomcaturl:http://tomcat.apache.org/security-5.html#Not_a_vulnerability_in_Tomcat
Trust: 0.8
title:security-6.html#Not_a_vulnerability_in_Tomcaturl:http://tomcat.apache.org/security-6.html#Not_a_vulnerability_in_Tomcat
Trust: 0.8
title:security-7.html#Not_a_vulnerability_in_Tomcaturl:http://tomcat.apache.org/security-7.html#Not_a_vulnerability_in_Tomcat
Trust: 0.8
title:1066244url:http://svn.apache.org/viewvc?view=revision&revision=1066244
Trust: 0.8
title:1066315url:http://svn.apache.org/viewvc?view=revision&revision=1066315
Trust: 0.8
title:1066318url:http://svn.apache.org/viewvc?view=revision&revision=1066318
Trust: 0.8
title:HT4562url:http://support.apple.com/kb/HT4562
Trust: 0.8
title:HT4563url:http://support.apple.com/kb/HT4563
Trust: 0.8
title:HT4562url:http://support.apple.com/kb/HT4562?viewlocale=ja_JP
Trust: 0.8
title:HT4563url:http://support.apple.com/kb/HT4563?viewlocale=ja_JP
Trust: 0.8
title:tomcat5-5.5.23-0jpp.17.0.1.AXS3url:https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1382
Trust: 0.8
title:HPUXWSATW233url:https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW233
Trust: 0.8
title:HPUXWSATW315url:https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW315
Trust: 0.8
title:HS11-008url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-008/index.html
Trust: 0.8
title:HS11-009url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-009/index.html
Trust: 0.8
title:HS11-010url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-010/index.html
Trust: 0.8
title:HS11-003url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html
Trust: 0.8
title:HPSBUX02685url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02775276
Trust: 0.8
title:HPSBUX02642url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02746026
Trust: 0.8
title:HPSBUX02633url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02729756
Trust: 0.8
title:HPSBUX02641url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02738573
Trust: 0.8
title:HPSBUX02645url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02752210
Trust: 0.8
title:HPSBTU02684url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02826781
Trust: 0.8
title:1462019url:http://www-01.ibm.com/support/docview.wss?uid=swg21462019
Trust: 0.8
title:1469482url:http://www-01.ibm.com/support/docview.wss?uid=swg21469482
Trust: 0.8
title:1468197url:http://www-01.ibm.com/support/docview.wss?uid=swg21468197
Trust: 0.8
title:javacpufeb2011-304611url:http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html
Trust: 0.8
title:cpuapr2011-301950url:http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
Trust: 0.8
title:alert-cve-2010-4476-305811url:http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html
Trust: 0.8
title:RHSA-2011:0336url:https://rhn.redhat.com/errata/RHSA-2011-0336.html
Trust: 0.8
title:RHSA-2011:0214url:https://rhn.redhat.com/errata/RHSA-2011-0214.html
Trust: 0.8
title:RHSA-2011:0282url:https://rhn.redhat.com/errata/RHSA-2011-0282.html
Trust: 0.8
title:RHSA-2011:0335url:https://rhn.redhat.com/errata/RHSA-2011-0335.html
Trust: 0.8
title:security_alert_for_cve-2010-44url:http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html
Trust: 0.8
title:april_2011_critical_patch_updaurl:http://blogs.oracle.com/security/2011/04/april_2011_critical_patch_upda.html
Trust: 0.8
title:VMSA-2011-0013url:http://www.vmware.com/jp/support/support-resources/advisories/VMSA-2011-0013.html
Trust: 0.8
title:HS11-008url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-008/index.html
Trust: 0.8
title:HS11-009url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-009/index.html
Trust: 0.8
title:HS11-010url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-010/index.html
Trust: 0.8
title:HS11-003url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-003/index.html
Trust: 0.8
title:interstage_as_201101url:http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201101.html
Trust: 0.8
title:Debian Security Advisories: DSA-2161-1 openjdk-6 -- denial of serviceurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=8a0fbd8ef02c50b965cd7461fe7f588d
Trust: 0.1
title:Ubuntu Security Notice: openjdk-6b18 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1079-3
Trust: 0.1
title:Ubuntu Security Notice: openjdk-6 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1079-1
Trust: 0.1
title:Ubuntu Security Notice: openjdk-6b18 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1079-2
Trust: 0.1
title:VMware Security Advisories: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESXurl:https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=31eb28d4d81f5dda33b13bdc58dfe8fb
Trust: 0.1
sources:
            
            
            VULMON: CVE-2010-4476 // 
            
            
            
            JVNDB: JVNDB-2011-000018 // 
            
            
            
            JVNDB: JVNDB-2011-000016 // 
            
            
            
            JVNDB: JVNDB-2011-001185

EXTERNAL IDS
db:NVDid:CVE-2010-4476
Trust: 4.6
db:SECUNIAid:43295
Trust: 2.7
db:SECTRACKid:1025062
Trust: 2.7
db:SECUNIAid:43304
Trust: 1.9
db:SECUNIAid:43280
Trust: 1.9
db:JVNid:JVN97334690
Trust: 1.6
db:JVNid:JVN16308183
Trust: 1.6
db:SECUNIAid:43400
Trust: 1.1
db:SECUNIAid:45022
Trust: 1.1
db:SECUNIAid:43333
Trust: 1.1
db:SECUNIAid:43048
Trust: 1.1
db:SECUNIAid:44954
Trust: 1.1
db:SECUNIAid:45555
Trust: 1.1
db:SECUNIAid:43659
Trust: 1.1
db:SECUNIAid:43378
Trust: 1.1
db:SECUNIAid:49198
Trust: 1.1
db:VUPENid:ADV-2011-0605
Trust: 1.1
db:VUPENid:ADV-2011-0422
Trust: 1.1
db:VUPENid:ADV-2011-0434
Trust: 1.1
db:VUPENid:ADV-2011-0365
Trust: 1.1
db:VUPENid:ADV-2011-0377
Trust: 1.1
db:VUPENid:ADV-2011-0379
Trust: 1.1
db:HITACHIid:HS11-003
Trust: 1.1
db:SECUNIAid:43262
Trust: 1.0
db:BIDid:46091
Trust: 0.9
db:SECUNIAid:43198
Trust: 0.9
db:JVNDBid:JVNDB-2011-000018
Trust: 0.8
db:JVNDBid:JVNDB-2011-000016
Trust: 0.8
db:JVNid:JVN26301278
Trust: 0.8
db:SECUNIAid:44303
Trust: 0.8
db:SECUNIAid:43194
Trust: 0.8
db:VUPENid:ADV-2011-0405
Trust: 0.8
db:VUPENid:ADV-2011-0339
Trust: 0.8
db:VUPENid:ADV-2011-1051
Trust: 0.8
db:VUPENid:ADV-2011-0294
Trust: 0.8
db:JVNDBid:JVNDB-2011-001185
Trust: 0.8
db:EXPLOIT-DBid:35304
Trust: 0.1
db:VULMONid:CVE-2010-4476
Trust: 0.1
db:PACKETSTORMid:121037
Trust: 0.1
db:PACKETSTORMid:106640
Trust: 0.1
db:PACKETSTORMid:106330
Trust: 0.1
db:PACKETSTORMid:127267
Trust: 0.1
db:PACKETSTORMid:114812
Trust: 0.1
db:PACKETSTORMid:99459
Trust: 0.1
db:PACKETSTORMid:101246
Trust: 0.1
db:PACKETSTORMid:98322
Trust: 0.1
db:PACKETSTORMid:98186
Trust: 0.1
db:PACKETSTORMid:99798
Trust: 0.1
db:PACKETSTORMid:111920
Trust: 0.1
db:PACKETSTORMid:98452
Trust: 0.1
sources:
            
            
            VULMON: CVE-2010-4476 // 
            
            
            
            JVNDB: JVNDB-2011-000018 // 
            
            
            
            JVNDB: JVNDB-2011-000016 // 
            
            
            
            JVNDB: JVNDB-2011-001185 // 
            
            
            
            PACKETSTORM: 121037 // 
            
            
            
            PACKETSTORM: 106640 // 
            
            
            
            PACKETSTORM: 106330 // 
            
            
            
            PACKETSTORM: 127267 // 
            
            
            
            PACKETSTORM: 114812 // 
            
            
            
            PACKETSTORM: 99459 // 
            
            
            
            PACKETSTORM: 101246 // 
            
            
            
            PACKETSTORM: 98322 // 
            
            
            
            PACKETSTORM: 98186 // 
            
            
            
            PACKETSTORM: 99798 // 
            
            
            
            PACKETSTORM: 111920 // 
            
            
            
            PACKETSTORM: 98452 // 
            
            
            
            NVD: CVE-2010-4476

REFERENCES
url:http://secunia.com/advisories/43295
Trust: 2.7
url:http://www.securitytracker.com/id?1025062
Trust: 2.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4476
Trust: 2.6
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4476
Trust: 2.4
url:http://secunia.com/advisories/43280
Trust: 1.9
url:http://secunia.com/advisories/43304
Trust: 1.9
url:http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html
Trust: 1.2
url:http://security.gentoo.org/glsa/glsa-201406-32.xml
Trust: 1.2
url:http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0214.html
Trust: 1.1
url:http://www-01.ibm.com/support/docview.wss?uid=swg1pm31983
Trust: 1.1
url:http://lists.fedoraproject.org/pipermail/package-announce/2011-february/053926.html
Trust: 1.1
url:http://www.debian.org/security/2011/dsa-2161
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0282.html
Trust: 1.1
url:http://secunia.com/advisories/43400
Trust: 1.1
url:http://www.vupen.com/english/advisories/2011/0422
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0211.html
Trust: 1.1
url:http://www-01.ibm.com/support/docview.wss?uid=swg1iz94423
Trust: 1.1
url:http://www.vupen.com/english/advisories/2011/0434
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0213.html
Trust: 1.1
url:http://www-01.ibm.com/support/docview.wss?uid=swg21468358
Trust: 1.1
url:http://lists.fedoraproject.org/pipermail/package-announce/2011-february/053934.html
Trust: 1.1
url:http://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02720715&admit=109447627+1298159618320+28353475
Trust: 1.1
url:http://www.vupen.com/english/advisories/2011/0365
Trust: 1.1
url:http://secunia.com/advisories/43378
Trust: 1.1
url:http://www.vupen.com/english/advisories/2011/0379
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0212.html
Trust: 1.1
url:http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html
Trust: 1.1
url:http://www.vupen.com/english/advisories/2011/0377
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0210.html
Trust: 1.1
url:http://blog.fortify.com/blog/2011/02/08/double-trouble
Trust: 1.1
url:http://secunia.com/advisories/43048
Trust: 1.1
url:http://secunia.com/advisories/43333
Trust: 1.1
url:http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0334.html
Trust: 1.1
url:http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0333.html
Trust: 1.1
url:http://secunia.com/advisories/45555
Trust: 1.1
url:http://www.ibm.com/support/docview.wss?uid=swg24029498
Trust: 1.1
url:http://www.ibm.com/support/docview.wss?uid=swg24029497
Trust: 1.1
url:http://www.redhat.com/support/errata/rhsa-2011-0880.html
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=130514352726432&w=2
Trust: 1.1
url:http://www.mandriva.com/security/advisories?name=mdvsa-2011:054
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=131041767210772&w=2
Trust: 1.1
url:http://www.vupen.com/english/advisories/2011/0605
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=129960314701922&w=2
Trust: 1.1
url:http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html
Trust: 1.1
url:http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html
Trust: 1.1
url:http://secunia.com/advisories/43659
Trust: 1.1
url:http://secunia.com/advisories/44954
Trust: 1.1
url:http://secunia.com/advisories/45022
Trust: 1.1
url:http://support.novell.com/docs/readmes/infodocument/patchbuilder/readme_5098550.html
Trust: 1.1
url:http://secunia.com/advisories/49198
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=132215163318824&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=136485229118404&w=2
Trust: 1.1
url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs11-003/index.html
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=134254957702612&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=130270785502599&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=130497185606818&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=133469267822771&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=130497132406206&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=129899347607632&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=133728004526190&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=130168502603566&w=2
Trust: 1.1
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19493
Trust: 1.1
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14589
Trust: 1.1
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14328
Trust: 1.1
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12745
Trust: 1.1
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12662
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=134254866602253&w=2
Trust: 1.1
url:http://www.securityfocus.com/bid/46091
Trust: 0.9
url:http://jvn.jp/en/jp/jvn97334690/index.html
Trust: 0.8
url:http://jvn.jp/en/jp/jvn16308183/index.html
Trust: 0.8
url:http://jvn.jp/jp/jvn97334690/index.html
Trust: 0.8
url:http://jvn.jp/cert/jvnvu584356/index.html
Trust: 0.8
url:http://jvn.jp/jp/jvn16308183/index.html
Trust: 0.8
url:http://jvn.jp/jp/jvn26301278/index.html
Trust: 0.8
url:http://jvn.jp/tr/jvntr-2011-02
Trust: 0.8
url:http://secunia.com/advisories/43198
Trust: 0.8
url:http://secunia.com/advisories/43262
Trust: 0.8
url:http://secunia.com/advisories/44303
Trust: 0.8
url:http://secunia.com/advisories/43194
Trust: 0.8
url:http://www.vupen.com/english/advisories/2011/0294
Trust: 0.8
url:http://www.vupen.com/english/advisories/2011/0339
Trust: 0.8
url:http://www.vupen.com/english/advisories/2011/1051
Trust: 0.8
url:http://www.vupen.com/english/advisories/2011/0405
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2010-4476
Trust: 0.7
url:https://nvd.nist.gov/vuln/detail/cve-2010-4470
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2010-4465
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2010-4469
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2010-4450
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2010-4448
Trust: 0.4
url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/
Trust: 0.3
url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3562
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3567
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3568
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3541
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3566
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3554
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3569
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3548
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3549
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3565
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3553
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3561
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3551
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-3557
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-4471
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-4472
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2011-2204
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2009-0033
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2009-3548
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2011-2526
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2009-2902
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2011-3190
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2009-0580
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2009-2693
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2009-0781
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2011-1184
Trust: 0.2
url:https://www.hp.com/go/swa
Trust: 0.2
url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-1157
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2011-2729
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3563
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3560
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471
Trust: 0.2
url:http://creativecommons.org/licenses/by-sa/2.5
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3556
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3550
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3558
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3559
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3573
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3552
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3574
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-4422
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3570
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-3555
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558
Trust: 0.2
url:http://security.gentoo.org/
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389
Trust: 0.2
url:https://bugs.gentoo.org.
Trust: 0.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4472
Trust: 0.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4465
Trust: 0.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4469
Trust: 0.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4450
Trust: 0.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4471
Trust: 0.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4448
Trust: 0.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4470
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2009-3555
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-4467
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2010-4351
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2011-0706
Trust: 0.2
url:http://secunia.com/products/corporate/evm/
Trust: 0.2
url:http://www.exploringbinary.com/why-volatile-fixes-the-2-2250738585072011e-308-bug/comment-page-1/#comment-4645
Trust: 0.2
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.2
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.2
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.2
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.2
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.2
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://www.debian.org/security/./dsa-2161
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.exploit-db.com/exploits/35304/
Trust: 0.1
url:https://usn.ubuntu.com/1079-3/
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=22468
Trust: 0.1
url:https://h20392.www2.hp.com/portal
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-3718
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-4858
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-2227
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0022
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2008-5515
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-0783
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-5885
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0013
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4474
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0814
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3570
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3555
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4451
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3516
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3550
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3550
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4447
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3549
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4466
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0863
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3555
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3556
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4462
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-3572
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3571
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3546
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-3571
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3561
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3558
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4475
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3559
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3552
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0867
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4468
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4463
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3560
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3545
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4452
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0802
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4473
Trust: 0.1
url:http://security.gentoo.org/glsa/glsa-201111-02.xml
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3572
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0873
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4454
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4473
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3556
Trust: 0.1
url:http://secunia.com/
Trust: 0.1
url:https://www.vmware.com/support/pubs/vs_pages/vsp_pubs_esxi41_i_vc41.html
Trust: 0.1
url:http://kb.vmware.com/kb/1055
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3571
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4474
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0862
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3554
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3562
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3170
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-1321
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3557
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3550
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-3173
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3567
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4451
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3553
Trust: 0.1
url:http://www.vmware.com/support/policies/eos_vi.html
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2054
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3555
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0864
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3561
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3541
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3559
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3565
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0802
Trust: 0.1
url:http://www.vmware.com/support/policies/eos.html
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3574
Trust: 0.1
url:http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4466
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3563
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4452
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3573
Trust: 0.1
url:http://www.vmware.com/security/advisories
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4422
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2008-7270
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3549
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3548
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4180
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0873
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3568
Trust: 0.1
url:http://www.vmware.com/support/policies/security_response.html
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1321
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3560
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3572
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4463
Trust: 0.1
url:http://gpgtools.org
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0815
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4447
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3566
Trust: 0.1
url:http://enigmail.mozdev.org/
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4467
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0865
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0867
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3558
Trust: 0.1
url:http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html
Trust: 0.1
url:http://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_1
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0871
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3552
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-7270
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3570
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0002
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4475
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4454
Trust: 0.1
url:http://lists.grok.org.uk/full-disclosure-charter.html
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4462
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3173
Trust: 0.1
url:https://www.vmware.com/support/pubs/vum_pubs.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-3170
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-2054
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3569
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0814
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4468
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3551
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-2783
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-3564
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-2548
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-3860
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4474
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4452
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0817
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4468
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4466
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4454
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0815
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0786
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0814
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4463
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4462
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0788
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0862
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4475
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4473
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4451
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4447
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0802
Trust: 0.1
url:http://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea-6-jre-cacao_6b18-1.8.7-0ubuntu2.1_armel.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7-0ubuntu2.1.diff.gz
Trust: 0.1
url:http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jdk_6b18-1.8.7-0ubuntu2.1_armel.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7.orig.tar.gz
Trust: 0.1
url:http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-demo_6b18-1.8.7-0ubuntu2.1_armel.deb
Trust: 0.1
url:http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre-headless_6b18-1.8.7-0ubuntu2.1_armel.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7-0ubuntu2.1.dsc
Trust: 0.1
url:http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-dbg_6b18-1.8.7-0ubuntu2.1_armel.deb
Trust: 0.1
url:http://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea6-plugin_6b18-1.8.7-0ubuntu2.1_armel.deb
Trust: 0.1
url:http://ports.ubuntu.com/pool/universe/o/openjdk-6b18/openjdk-6-jre-zero_6b18-1.8.7-0ubuntu2.1_armel.deb
Trust: 0.1
url:http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre_6b18-1.8.7-0ubuntu2.1_armel.deb
Trust: 0.1
url:http://www.itrc.hp.com/service/cki/secbullarchive.do
Trust: 0.1
url:http://h18012.www1.hp.com/java/alpha/fpupdater_index.html
Trust: 0.1
url:http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc
Trust: 0.1
url:http://h30046.www3.hp.com/subsignin.php
Trust: 0.1
url:http://secunia.com/products/corporate/vim/section_179/
Trust: 0.1
url:http://secunia.com/advisories/43262/
Trust: 0.1
url:http://secunia.com/advisories/43262/#comments
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=43262
Trust: 0.1
url:http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0075.html
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=43198
Trust: 0.1
url:http://secunia.com/advisories/43198/#comments
Trust: 0.1
url:http://secunia.com/products/corporate/vim/
Trust: 0.1
url:http://tomcat.apache.org/security-5.html
Trust: 0.1
url:http://secunia.com/advisories/43198/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0025
Trust: 0.1
url:http://store.mandriva.com/product_info.php?cpath=149&amp;products_id=490
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0025
Trust: 0.1
url:http://www.mandriva.com/security/
Trust: 0.1
url:http://www.mandriva.com/security/advisories
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0706
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4351
Trust: 0.1
url:http://h71000.www7.hp.com/openvms/products/ips/apache/csws_java.html
Trust: 0.1
url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-2901
Trust: 0.1
url:http://www.debian.org/security/faq
Trust: 0.1
url:http://www.debian.org/security/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2010-4476 // 
            
            
            
            JVNDB: JVNDB-2011-000018 // 
            
            
            
            JVNDB: JVNDB-2011-000016 // 
            
            
            
            JVNDB: JVNDB-2011-001185 // 
            
            
            
            PACKETSTORM: 121037 // 
            
            
            
            PACKETSTORM: 106640 // 
            
            
            
            PACKETSTORM: 106330 // 
            
            
            
            PACKETSTORM: 127267 // 
            
            
            
            PACKETSTORM: 114812 // 
            
            
            
            PACKETSTORM: 99459 // 
            
            
            
            PACKETSTORM: 101246 // 
            
            
            
            PACKETSTORM: 98322 // 
            
            
            
            PACKETSTORM: 98186 // 
            
            
            
            PACKETSTORM: 99798 // 
            
            
            
            PACKETSTORM: 111920 // 
            
            
            
            PACKETSTORM: 98452 // 
            
            
            
            NVD: CVE-2010-4476

CREDITS
HP
Trust: 0.4
sources:
            
            
            PACKETSTORM: 121037 // 
            
            
            
            PACKETSTORM: 114812 // 
            
            
            
            PACKETSTORM: 101246 // 
            
            
            
            PACKETSTORM: 111920

SOURCES
db:VULMONid:CVE-2010-4476
db:JVNDBid:JVNDB-2011-000018
db:JVNDBid:JVNDB-2011-000016
db:JVNDBid:JVNDB-2011-001185
db:PACKETSTORMid:121037
db:PACKETSTORMid:106640
db:PACKETSTORMid:106330
db:PACKETSTORMid:127267
db:PACKETSTORMid:114812
db:PACKETSTORMid:99459
db:PACKETSTORMid:101246
db:PACKETSTORMid:98322
db:PACKETSTORMid:98186
db:PACKETSTORMid:99798
db:PACKETSTORMid:111920
db:PACKETSTORMid:98452
db:NVDid:CVE-2010-4476

LAST UPDATE DATE
2025-01-28T21:42:50.504000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2010-4476date:2018-10-30T00:00:00
db:JVNDBid:JVNDB-2011-000018date:2018-02-07T00:00:00
db:JVNDBid:JVNDB-2011-000016date:2018-02-07T00:00:00
db:JVNDBid:JVNDB-2011-001185date:2018-02-07T00:00:00
db:NVDid:CVE-2010-4476date:2024-11-21T01:21:01.770

SOURCES RELEASE DATE
db:VULMONid:CVE-2010-4476date:2011-02-17T00:00:00
db:JVNDBid:JVNDB-2011-000018date:2011-03-04T00:00:00
db:JVNDBid:JVNDB-2011-000016date:2011-03-04T00:00:00
db:JVNDBid:JVNDB-2011-001185date:2011-03-08T00:00:00
db:PACKETSTORMid:121037date:2013-04-01T15:55:00
db:PACKETSTORMid:106640date:2011-11-06T01:01:42
db:PACKETSTORMid:106330date:2011-10-28T14:46:28
db:PACKETSTORMid:127267date:2014-06-30T23:39:28
db:PACKETSTORMid:114812date:2012-07-17T21:49:22
db:PACKETSTORMid:99459date:2011-03-18T21:57:10
db:PACKETSTORMid:101246date:2011-05-09T22:49:19
db:PACKETSTORMid:98322date:2011-02-09T03:30:06
db:PACKETSTORMid:98186date:2011-02-07T01:36:02
db:PACKETSTORMid:99798date:2011-03-28T18:56:27
db:PACKETSTORMid:111920date:2012-04-17T20:41:11
db:PACKETSTORMid:98452date:2011-02-14T20:22:42
db:NVDid:CVE-2010-4476date:2011-02-17T19:00:01.900