Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-g1wu-uzuv-fbdt
Summary
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
    allowing attackers to cause unspecified impact.
Aliases
0
alias CVE-2010-3552
Fixed_packages
0
url pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.29
purl pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.29
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.29
1
url pkg:ebuild/dev-java/sun-jdk@1.6.0.29
purl pkg:ebuild/dev-java/sun-jdk@1.6.0.29
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/sun-jdk@1.6.0.29
2
url pkg:ebuild/dev-java/sun-jre-bin@1.6.0.29
purl pkg:ebuild/dev-java/sun-jre-bin@1.6.0.29
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/sun-jre-bin@1.6.0.29
Affected_packages
0
url pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.22-1jpp.1?arch=el4
purl pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.22-1jpp.1?arch=el4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1zce-ccvb-qffk
1
vulnerability VCID-3um7-bhp7-hqbe
2
vulnerability VCID-64zd-uyfm-f3cr
3
vulnerability VCID-7u2w-duqd-9fab
4
vulnerability VCID-eg75-7nhb-1bd6
5
vulnerability VCID-f9p6-pf4z-w7eu
6
vulnerability VCID-g1wu-uzuv-fbdt
7
vulnerability VCID-hmz9-w1bx-vkg8
8
vulnerability VCID-jt8e-tzk1-guhk
9
vulnerability VCID-kbs4-5kqt-z7gy
10
vulnerability VCID-kgdg-wdk3-afgf
11
vulnerability VCID-kp8c-fgsp-4qgg
12
vulnerability VCID-n2dm-na4y-nyeg
13
vulnerability VCID-n4eq-q5ga-nucx
14
vulnerability VCID-nk79-z7qp-87ez
15
vulnerability VCID-p4te-vnq6-bfee
16
vulnerability VCID-qy19-mm4j-pkdw
17
vulnerability VCID-qzk4-tk6f-qkdc
18
vulnerability VCID-szz6-e2fg-jbhy
19
vulnerability VCID-t3et-y4mc-wude
20
vulnerability VCID-tpgq-bmxw-wbcc
21
vulnerability VCID-ttqq-7ccy-vqhx
22
vulnerability VCID-up3k-da4h-h7cb
23
vulnerability VCID-vax6-9rc7-2qe3
24
vulnerability VCID-vvzb-u4yd-fueg
25
vulnerability VCID-w4hp-sa3w-3qg1
26
vulnerability VCID-xnsc-n6vd-xkc1
27
vulnerability VCID-ye9j-3az2-tbag
28
vulnerability VCID-ysgy-uch6-efa3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.22-1jpp.1%3Farch=el4
1
url pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.22-1jpp.1?arch=el5
purl pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.22-1jpp.1?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1zce-ccvb-qffk
1
vulnerability VCID-3um7-bhp7-hqbe
2
vulnerability VCID-64zd-uyfm-f3cr
3
vulnerability VCID-7u2w-duqd-9fab
4
vulnerability VCID-eg75-7nhb-1bd6
5
vulnerability VCID-f9p6-pf4z-w7eu
6
vulnerability VCID-g1wu-uzuv-fbdt
7
vulnerability VCID-hmz9-w1bx-vkg8
8
vulnerability VCID-jt8e-tzk1-guhk
9
vulnerability VCID-kbs4-5kqt-z7gy
10
vulnerability VCID-kgdg-wdk3-afgf
11
vulnerability VCID-kp8c-fgsp-4qgg
12
vulnerability VCID-n2dm-na4y-nyeg
13
vulnerability VCID-n4eq-q5ga-nucx
14
vulnerability VCID-nk79-z7qp-87ez
15
vulnerability VCID-p4te-vnq6-bfee
16
vulnerability VCID-qy19-mm4j-pkdw
17
vulnerability VCID-qzk4-tk6f-qkdc
18
vulnerability VCID-szz6-e2fg-jbhy
19
vulnerability VCID-t3et-y4mc-wude
20
vulnerability VCID-tpgq-bmxw-wbcc
21
vulnerability VCID-ttqq-7ccy-vqhx
22
vulnerability VCID-up3k-da4h-h7cb
23
vulnerability VCID-vax6-9rc7-2qe3
24
vulnerability VCID-vvzb-u4yd-fueg
25
vulnerability VCID-w4hp-sa3w-3qg1
26
vulnerability VCID-xnsc-n6vd-xkc1
27
vulnerability VCID-ye9j-3az2-tbag
28
vulnerability VCID-ysgy-uch6-efa3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.22-1jpp.1%3Farch=el5
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3552.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3552.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-3552
reference_id
reference_type
scores
0
value 0.82947
scoring_system epss
scoring_elements 0.99273
published_at 2026-06-11T12:55:00Z
1
value 0.82947
scoring_system epss
scoring_elements 0.99275
published_at 2026-06-13T12:55:00Z
2
value 0.82947
scoring_system epss
scoring_elements 0.99274
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-3552
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=642600
reference_id 642600
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=642600
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/15241.txt
reference_id CVE-2010-3552;OSVDB-68873
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/15241.txt
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16587.rb
reference_id CVE-2010-3552;OSVDB-68873
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16587.rb
5
reference_url http://www.zerodayinitiative.com/advisories/ZDI-10-206/
reference_id CVE-2010-3552;OSVDB-68873
reference_type exploit
scores
url http://www.zerodayinitiative.com/advisories/ZDI-10-206/
6
reference_url https://security.gentoo.org/glsa/201111-02
reference_id GLSA-201111-02
reference_type
scores
url https://security.gentoo.org/glsa/201111-02
Weaknesses
Exploits
0
date_added 2011-01-08
description Sun Java - Runtime New Plugin docbase Buffer Overflow (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2011-01-08
exploit_type remote
platform windows
source_date_updated 2011-03-10
data_source Exploit-DB
source_url http://www.zerodayinitiative.com/advisories/ZDI-10-206/
1
date_added null
description 
This module exploits a flaw in the new plugin component of the Sun Java
          Runtime Environment before v6 Update 22. By specifying specific parameters
          to the new plugin, an attacker can cause a stack-based buffer overflow and
          execute arbitrary code.

          When the new plugin is invoked with a "launchjnlp" parameter, it will
          copy the contents of the "docbase" parameter to a stack-buffer using the
          "sprintf" function. A string of 396 bytes is enough to overflow the 256
          byte stack buffer and overwrite some local variables as well as the saved
          return address.

          NOTE: The string being copied is first passed through the "WideCharToMultiByte".
          Due to this, only characters which have a valid localized multibyte
          representation are allowed. Invalid characters will be replaced with
          question marks ('?').

          This vulnerability was originally discovered independently by both Stephen
          Fewer and Berend Jan Wever (SkyLined). Although exhaustive testing hasn't
          been done, all versions since version 6 Update 10 are believed to be affected
          by this vulnerability.

          This vulnerability was patched as part of the October 2010 Oracle Patch
          release.
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2010-10-12
exploit_type null
platform Windows
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/java_docbase_bof.rb
Severity_range_scorenull
Exploitability2.0
Weighted_severity0.7
Risk_score1.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-g1wu-uzuv-fbdt