Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-tez3-6kvc-3ugv

Summary

The Oracle JDK and JRE are vulnerable to multiple unspecified
    vulnerabilities.

Aliases

alias	CVE-2010-0842

Fixed_packages

url	pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.20
purl	pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.20
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.20

url	pkg:ebuild/dev-java/sun-jdk@1.6.0.20
purl	pkg:ebuild/dev-java/sun-jdk@1.6.0.20
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/sun-jdk@1.6.0.20

url	pkg:ebuild/dev-java/sun-jre-bin@1.6.0.20
purl	pkg:ebuild/dev-java/sun-jre-bin@1.6.0.20
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/sun-jre-bin@1.6.0.20

Affected_packages

url pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1?arch=el4

purl pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1%3Farch=el4

url pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1?arch=el5

purl pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1%3Farch=el5

url pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1?arch=el3

purl pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1?arch=el3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.5-1jpp.1%3Farch=el3

url pkg:rpm/redhat/java-1.4.2-ibm-sap@1.4.2.13.5.sap-1jpp.1?arch=el5

purl pkg:rpm/redhat/java-1.4.2-ibm-sap@1.4.2.13.5.sap-1jpp.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.4.2-ibm-sap@1.4.2.13.5.sap-1jpp.1%3Farch=el5

url pkg:rpm/redhat/java-1.4.2-ibm-sap@1.4.2.13.5.sap-1jpp.1?arch=el4_8

purl pkg:rpm/redhat/java-1.4.2-ibm-sap@1.4.2.13.5.sap-1jpp.1?arch=el4_8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.4.2-ibm-sap@1.4.2.13.5.sap-1jpp.1%3Farch=el4_8

url pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.11.2-1jpp.1?arch=el5

purl pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.11.2-1jpp.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.11.2-1jpp.1%3Farch=el5

url pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.11.2-1jpp.1?arch=el4

purl pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.11.2-1jpp.1?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.11.2-1jpp.1%3Farch=el4

url pkg:rpm/redhat/java-1.5.0-sun@1.5.0.22-1jpp.3?arch=el4

purl pkg:rpm/redhat/java-1.5.0-sun@1.5.0.22-1jpp.3?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-5ank-1yxa-zfdw

vulnerability	VCID-5bmx-ugmn-bkf8

vulnerability	VCID-5jg8-2nz6-hkbw

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-7yaz-ssq6-hkg2

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-kb93-t5uy-3qgh

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-wzud-pdqf-3ubv

vulnerability	VCID-xj3c-6jb6-9baq

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-sun@1.5.0.22-1jpp.3%3Farch=el4

url pkg:rpm/redhat/java-1.5.0-sun@1.5.0.22-1jpp.3?arch=el5

purl pkg:rpm/redhat/java-1.5.0-sun@1.5.0.22-1jpp.3?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-5ank-1yxa-zfdw

vulnerability	VCID-5bmx-ugmn-bkf8

vulnerability	VCID-5jg8-2nz6-hkbw

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-7yaz-ssq6-hkg2

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-kb93-t5uy-3qgh

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-wzud-pdqf-3ubv

vulnerability	VCID-xj3c-6jb6-9baq

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-sun@1.5.0.22-1jpp.3%3Farch=el5

url pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.8-1jpp.1?arch=el4

purl pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.8-1jpp.1?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-5bmx-ugmn-bkf8

vulnerability	VCID-5jg8-2nz6-hkbw

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-7yaz-ssq6-hkg2

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-kdb3-9kyt-rycg

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-xj3c-6jb6-9baq

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.8-1jpp.1%3Farch=el4

url pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.8-1jpp.1?arch=el5

purl pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.8-1jpp.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-5bmx-ugmn-bkf8

vulnerability	VCID-5jg8-2nz6-hkbw

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-7yaz-ssq6-hkg2

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-kdb3-9kyt-rycg

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-xj3c-6jb6-9baq

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.8-1jpp.1%3Farch=el5

url pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.19-1jpp.1?arch=el5

purl pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.19-1jpp.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-5ank-1yxa-zfdw

vulnerability	VCID-5bmx-ugmn-bkf8

vulnerability	VCID-5jg8-2nz6-hkbw

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-7yaz-ssq6-hkg2

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-kb93-t5uy-3qgh

vulnerability	VCID-kdb3-9kyt-rycg

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-wzud-pdqf-3ubv

vulnerability	VCID-xj3c-6jb6-9baq

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.19-1jpp.1%3Farch=el5

url pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.19-1jpp.1?arch=el4

purl pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.19-1jpp.1?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47zv-w3cw-gqdu

vulnerability	VCID-4af6-jbwu-vqa5

vulnerability	VCID-5ank-1yxa-zfdw

vulnerability	VCID-5bmx-ugmn-bkf8

vulnerability	VCID-5jg8-2nz6-hkbw

vulnerability	VCID-6at4-zn4v-qbcj

vulnerability	VCID-7yaz-ssq6-hkg2

vulnerability	VCID-gcm9-p4c9-v3ed

vulnerability	VCID-h1t3-5mnx-p7cc

vulnerability	VCID-hfw9-yd8c-skff

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-kb93-t5uy-3qgh

vulnerability	VCID-kdb3-9kyt-rycg

vulnerability	VCID-krqx-raqn-6fd9

vulnerability	VCID-mjkc-m99w-t3bc

vulnerability	VCID-n1an-y2zh-dyb8

vulnerability	VCID-pyt6-km5c-ayff

vulnerability	VCID-s5uh-nqh9-hbf5

vulnerability	VCID-tez3-6kvc-3ugv

vulnerability	VCID-tunw-gsap-43d8

vulnerability	VCID-wrj7-8fdk-8yhc

vulnerability	VCID-wzud-pdqf-3ubv

vulnerability	VCID-xj3c-6jb6-9baq

vulnerability	VCID-zafb-zsmd-5fdc

vulnerability	VCID-zqzs-p41m-4kbr

vulnerability	VCID-zxye-ucrs-uuec

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.19-1jpp.1%3Farch=el4

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0842.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0842.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0842

reference_id

reference_type

scores

value	0.84326
scoring_system	epss
scoring_elements	0.99314
published_at	2026-04-02T12:55:00Z

value	0.84326
scoring_system	epss
scoring_elements	0.99316
published_at	2026-04-04T12:55:00Z

value	0.84326
scoring_system	epss
scoring_elements	0.99318
published_at	2026-04-07T12:55:00Z

value	0.84326
scoring_system	epss
scoring_elements	0.99319
published_at	2026-04-08T12:55:00Z

value	0.84326
scoring_system	epss
scoring_elements	0.9932
published_at	2026-04-09T12:55:00Z

value	0.84326
scoring_system	epss
scoring_elements	0.99321
published_at	2026-04-13T12:55:00Z

value	0.84326
scoring_system	epss
scoring_elements	0.99322
published_at	2026-04-12T12:55:00Z

value	0.84326
scoring_system	epss
scoring_elements	0.99323
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0842

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=578436
reference_id	578436
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=578436

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18485.rb
reference_id	CVE-2010-0842;OSVDB-63493
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18485.rb

reference_url	http://www.zerodayinitiative.com/advisories/ZDI-10-060/
reference_id	CVE-2010-0842;OSVDB-63493
reference_type	exploit
scores
url	http://www.zerodayinitiative.com/advisories/ZDI-10-060/

reference_url	https://security.gentoo.org/glsa/201006-18
reference_id	GLSA-201006-18
reference_type
scores
url	https://security.gentoo.org/glsa/201006-18

reference_url	https://access.redhat.com/errata/RHSA-2010:0383
reference_id	RHSA-2010:0383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0383

reference_url	https://access.redhat.com/errata/RHSA-2010:0471
reference_id	RHSA-2010:0471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0471

reference_url	https://access.redhat.com/errata/RHSA-2010:0489
reference_id	RHSA-2010:0489
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0489

reference_url	https://access.redhat.com/errata/RHSA-2010:0574
reference_id	RHSA-2010:0574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0574

reference_url	https://access.redhat.com/errata/RHSA-2010:0586
reference_id	RHSA-2010:0586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0586

Weaknesses

Exploits

date_added	2012-02-16
description	Java MixerSequencer Object - GM_Song Structure Handling (Metasploit)
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2012-02-16
exploit_type	remote
platform	windows
source_date_updated	2012-02-16
data_source	Exploit-DB
source_url	http://www.zerodayinitiative.com/advisories/ZDI-10-060/

date_added	`null`
description	This module exploits a flaw within the handling of MixerSequencer objects in Java 6u18 and before. Exploitation id done by supplying a specially crafted MIDI file within an RMF File. When the MixerSequencer objects is used to play the file, the GM_Song structure is populated with a function pointer provided by a SONG block in the RMF. A Midi block that contains a MIDI with a specially crafted controller event is used to trigger the vulnerability. When triggering the vulnerability "ebx" points to a fake event in the MIDI file which stores the shellcode. A "jmp ebx" from msvcr71.dll is used to make the exploit reliable over java updates.
required_action	`null`
due_date	`null`
notes	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
known_ransomware_campaign_use	`false`
source_date_published	2010-03-30
exploit_type	`null`
platform	Windows
source_date_updated	`null`
data_source	Metasploit
source_url	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/java_mixer_sequencer.rb

Severity_range_score null

Exploitability 2.0

Weighted_severity 0.8

Risk_score 1.6

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tez3-6kvc-3ugv

Vulnerability Instance