1
PublicDateAtUSN: 2010-10-19
2
Candidate: CVE-2010-3566
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566
6
https://usn.ubuntu.com/usn/usn-1010-1
8
Unspecified vulnerability in the 2D component in Oracle Java SE and Java
9
for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to
10
affect confidentiality, integrity, and availability via unknown vectors.
11
NOTE: the previous information was obtained from the October 2010 CPU.
12
Oracle has not commented on claims from a reliable researcher that this is
13
an integer overflow that leads to a buffer overflow via a crafted devs
14
(device information) tag structure in a color profile.
16
It was discovered that an unspecified vulnerability in the ICC
17
profile handling code could allow an attacker to execute arbitrary code
18
with the privileges of the user running a java applet or application.
26
upstream_openjdk-6: needs-triage
28
hardy_openjdk-6: released (1.8.2-4ubuntu1~8.04.1)
29
jaunty_openjdk-6: released (1.8.2-4ubuntu1~9.04.1)
30
karmic_openjdk-6: released (1.8.2-4ubuntu1~9.10.1)
31
lucid_openjdk-6: released (1.8.2-4ubuntu2)
32
maverick_openjdk-6: released (6b20-1.9.1-1ubuntu3)
33
devel_openjdk-6: not-affected (6b20-1.10~pre2-0ubuntu5)
36
upstream_sun-java6: needs-triage
38
hardy_sun-java6: released (6.22-0ubuntu1~8.04.1)
39
jaunty_sun-java6: released (6.22-0ubuntu1~9.04.1)
40
karmic_sun-java6: released (6.22-0ubuntu1~9.10.1)
41
lucid_sun-java6: released (6.22-0ubuntu1~10.04)
42
maverick_sun-java6: released (6.22-0ubuntu1~10.10)
46
upstream_openjdk-6b18: released (6b22)
47
dapper_openjdk-6b18: DNE
48
hardy_openjdk-6b18: DNE
49
intrepid_openjdk-6b18: DNE
50
karmic_openjdk-6b18: not-affected (6b18-1.8.4-0ubuntu1~9.10.1)
51
lucid_openjdk-6b18: not-affected (6b18-1.8.3-0ubuntu1~10.04.1)
52
maverick_openjdk-6b18: released (6b18-1.8.2-4ubuntu1)
53
devel_openjdk-6b18: not-affected (6b18-1.8.3-1ubuntu3)