CVE-2010-4472

Published: Feb 17, 2011Modified: Apr 29, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."

Affected (45)

Products: Sun: Jre, Jdk

2 products

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Sun Jre	Up to 1.6.0
Sun Jre	Version 1.6.0
Sun Jre	Version 1.6.0 update_10
Sun Jre	Version 1.6.0 update_11
Sun Jre	Version 1.6.0 update_12
Sun Jre	Version 1.6.0 update_13
Sun Jre	Version 1.6.0 update_14
Sun Jre	Version 1.6.0 update_15
Sun Jre	Version 1.6.0 update_16
Sun Jre	Version 1.6.0 update_17
Sun Jre	Version 1.6.0 update_18
Sun Jre	Version 1.6.0 update_19
Sun Jre	Version 1.6.0 update_1
Sun Jre	Version 1.6.0 update_20
Sun Jre	Version 1.6.0 update_21
Sun Jre	Version 1.6.0 update_22
Sun Jre	Version 1.6.0 update_2
Sun Jre	Version 1.6.0 update_3
Sun Jre	Version 1.6.0 update_4
Sun Jre	Version 1.6.0 update_5
Sun Jre	Version 1.6.0 update_6
Sun Jre	Version 1.6.0 update_7

Configuration B

23 vulnerable

Vulnerable Software	Affected Versions
Sun Jdk	Up to 1.6.0
Sun Jdk	Version 1.6.0
Sun Jdk	Version 1.6.0 update1
Sun Jdk	Version 1.6.0 update1_b06
Sun Jdk	Version 1.6.0 update2
Sun Jdk	Version 1.6.0 update_10
Sun Jdk	Version 1.6.0 update_11
Sun Jdk	Version 1.6.0 update_12
Sun Jdk	Version 1.6.0 update_13
Sun Jdk	Version 1.6.0 update_14
Sun Jdk	Version 1.6.0 update_15
Sun Jdk	Version 1.6.0 update_16
Sun Jdk	Version 1.6.0 update_17
Sun Jdk	Version 1.6.0 update_18
Sun Jdk	Version 1.6.0 update_19
Sun Jdk	Version 1.6.0 update_20
Sun Jdk	Version 1.6.0 update_21
Sun Jdk	Version 1.6.0 update_22
Sun Jdk	Version 1.6.0 update_3
Sun Jdk	Version 1.6.0 update_4
Sun Jdk	Version 1.6.0 update_5
Sun Jdk	Version 1.6.0 update_6
Sun Jdk	Version 1.6.0 update_7

References (34)

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html

Source: secalert_us@oracle.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html

Source: secalert_us@oracle.com

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Source: secalert_us@oracle.com

http://marc.info/?l=bugtraq&m=134254957702612&w=2

Source: secalert_us@oracle.com

http://secunia.com/advisories/43350

Source: secalert_us@oracle.com

Vendor Advisory

http://security.gentoo.org/glsa/glsa-201406-32.xml

Source: secalert_us@oracle.com

http://www.debian.org/security/2011/dsa-2224

Source: secalert_us@oracle.com

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html

Source: secalert_us@oracle.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:054

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

Source: secalert_us@oracle.com

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0281.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0282.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.securityfocus.com/bid/46404

Source: secalert_us@oracle.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/65411

Source: secalert_us@oracle.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12903

Source: secalert_us@oracle.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14118

Source: secalert_us@oracle.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=134254957702612&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/43350

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://security.gentoo.org/glsa/glsa-201406-32.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2011/dsa-2224

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:054

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0281.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0282.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/46404

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/65411

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12903

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14118

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.