CVE Kennung:	CVE-2010-0838
Beschreibung:	Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.
Test Kennungen:	Nicht verfügbar
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0838 http://lists.apple.com/archives/security-announce/2010//May/msg00001.html http://lists.apple.com/archives/security-announce/2010//May/msg00002.html BugTraq ID: 39069 http://www.securityfocus.com/bid/39069 Bugtraq: 20100405 ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510534/100/0/threaded Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search) http://www.securityfocus.com/archive/1/516397/100/0/threaded HPdes Security Advisory: HPSBMA02547 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 HPdes Security Advisory: HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPdes Security Advisory: HPSBUX02524 http://marc.info/?l=bugtraq&m=127557596201693&w=2 HPdes Security Advisory: SSRT100089 http://marc.info/?l=bugtraq&m=127557596201693&w=2 HPdes Security Advisory: SSRT100179 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 http://www.mandriva.com/security/advisories?name=MDVSA-2010:084 http://www.zerodayinitiative.com/advisories/ZDI-10-061 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10482 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13923 RedHat Security Advisories: RHSA-2010:0337 http://www.redhat.com/support/errata/RHSA-2010-0337.html RedHat Security Advisories: RHSA-2010:0338 http://www.redhat.com/support/errata/RHSA-2010-0338.html RedHat Security Advisories: RHSA-2010:0339 http://www.redhat.com/support/errata/RHSA-2010-0339.html RedHat Security Advisories: RHSA-2010:0383 http://www.redhat.com/support/errata/RHSA-2010-0383.html RedHat Security Advisories: RHSA-2010:0471 http://www.redhat.com/support/errata/RHSA-2010-0471.html http://secunia.com/advisories/39292 http://secunia.com/advisories/39317 http://secunia.com/advisories/39659 http://secunia.com/advisories/39819 http://secunia.com/advisories/40545 http://secunia.com/advisories/43308 SuSE Security Announcement: SUSE-SR:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html SuSE Security Announcement: SUSE-SR:2010:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://ubuntu.com/usn/usn-923-1 http://www.vupen.com/english/advisories/2010/1107 http://www.vupen.com/english/advisories/2010/1191 http://www.vupen.com/english/advisories/2010/1454 http://www.vupen.com/english/advisories/2010/1793 XForce ISS Database: javase-javab-java2d-unspecifed(57346) https://exchange.xforce.ibmcloud.com/vulnerabilities/57346