Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-nmve-j4hs-t7b5

Summary

The Oracle JDK and JRE are vulnerable to multiple unspecified
    vulnerabilities.

Aliases

alias	CVE-2010-0886

Fixed_packages

url	pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.20
purl	pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.20
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/emul-linux-x86-java@1.6.0.20

url	pkg:ebuild/dev-java/sun-jdk@1.6.0.20
purl	pkg:ebuild/dev-java/sun-jdk@1.6.0.20
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/sun-jdk@1.6.0.20

url	pkg:ebuild/dev-java/sun-jre-bin@1.6.0.20
purl	pkg:ebuild/dev-java/sun-jre-bin@1.6.0.20
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/sun-jre-bin@1.6.0.20

Affected_packages

url pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.20-1jpp.1?arch=el4

purl pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.20-1jpp.1?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nmve-j4hs-t7b5

vulnerability	VCID-zw4d-ykbx-sudg

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.20-1jpp.1%3Farch=el4

url pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.20-1jpp.1?arch=el5

purl pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.20-1jpp.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nmve-j4hs-t7b5

vulnerability	VCID-zw4d-ykbx-sudg

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.20-1jpp.1%3Farch=el5

References

reference_url	http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2010//May/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2010//May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2010//May/msg00002.html

reference_url	http://marc.info/?l=bugtraq&m=134254866602253&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=134254866602253&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0886.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0886.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0886

reference_id

reference_type

scores

value	0.80974
scoring_system	epss
scoring_elements	0.99146
published_at	2026-04-04T12:55:00Z

value	0.80974
scoring_system	epss
scoring_elements	0.99152
published_at	2026-04-16T12:55:00Z

value	0.80974
scoring_system	epss
scoring_elements	0.99144
published_at	2026-04-02T12:55:00Z

value	0.80974
scoring_system	epss
scoring_elements	0.99143
published_at	2026-04-01T12:55:00Z

value	0.80974
scoring_system	epss
scoring_elements	0.9915
published_at	2026-04-07T12:55:00Z

value	0.80974
scoring_system	epss
scoring_elements	0.99151
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0886

reference_url	http://secunia.com/advisories/39819
reference_id
reference_type
scores
url	http://secunia.com/advisories/39819

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14216
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14216

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-279590-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-279590-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1022294.1-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1022294.1-1

reference_url	http://support.apple.com/kb/HT4170
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4170

reference_url	http://support.apple.com/kb/HT4171
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4171

reference_url	http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html
reference_id
reference_type
scores
url	http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html

reference_url	http://www.securityfocus.com/archive/1/516397/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/516397/100/0/threaded

reference_url	http://www.vmware.com/security/advisories/VMSA-2011-0003.html
reference_id
reference_type
scores
url	http://www.vmware.com/security/advisories/VMSA-2011-0003.html

reference_url	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
reference_id
reference_type
scores
url	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

reference_url	http://www.vupen.com/english/advisories/2010/1191
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/1191

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=581237
reference_id	581237
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=581237

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update10::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update10::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update10::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update11::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update11::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update11::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update12::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update12::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update12::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update13::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update13::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update13::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update14::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update14::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update14::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update15::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update15::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update15::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update16::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update16::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update16::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update17::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update17::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update17::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update18::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update18::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update18::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update19::::::
reference_id	cpe:2.3:a:sun:jdk:1.6.0:update19::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jdk:1.6.0:update19::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update10::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update10::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update10::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update11::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update11::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update11::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update12::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update12::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update12::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update13::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update13::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update13::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update14::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update14::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update14::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update15::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update15::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update15::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update16::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update16::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update16::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update17::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update17::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update17::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update18::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update18::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update18::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update19::::::
reference_id	cpe:2.3:a:sun:jre:1.6.0:update19::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:jre:1.6.0:update19::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-0886

reference_id

CVE-2010-0886

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2010-0886

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16585.rb
reference_id	CVE-2010-0886;OSVDB-63648
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16585.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/12122.txt
reference_id	CVE-2010-0886;OSVDB-63798
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/12122.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/12117.txt
reference_id	CVE-2010-0886;OSVDB-63798
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/12117.txt

reference_url	https://github.com/rapid7/metasploit-framework/blob/b08d1ad8d8d6c0f5cb63cc44e3ff75efb9edb7b3/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb
reference_id	CVE-2010-1423;CVE-2010-0886;OSVDB-63648
reference_type	exploit
scores
url	https://github.com/rapid7/metasploit-framework/blob/b08d1ad8d8d6c0f5cb63cc44e3ff75efb9edb7b3/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/41700.rb
reference_id	CVE-2010-1423;CVE-2010-0886;OSVDB-63648
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/41700.rb

reference_url	https://security.gentoo.org/glsa/201006-18
reference_id	GLSA-201006-18
reference_type
scores
url	https://security.gentoo.org/glsa/201006-18

reference_url	https://access.redhat.com/errata/RHSA-2010:0356
reference_id	RHSA-2010:0356
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0356

Weaknesses

Exploits

date_added	2010-09-21
description	Sun Java - Web Start Plugin Command Line Argument Injection (Metasploit)
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2010-09-21
exploit_type	remote
platform	windows
source_date_updated	2011-03-10
data_source	Exploit-DB
source_url

date_added	`null`
description	This module exploits a flaw in the Web Start plugin component of Sun Java Web Start. The arguments passed to Java Web Start are not properly validated. By passing the lesser known -J option, an attacker can pass arbitrary options directly to the Java runtime. By utilizing the -XXaltjvm option, as discussed by Ruben Santamarta, an attacker can execute arbitrary code in the context of an unsuspecting browser user. This vulnerability was originally discovered independently by both Ruben Santamarta and Tavis Ormandy. Tavis reported that all versions since version 6 Update 10 "are believed to be affected by this vulnerability." In order for this module to work, it must be ran as root on a server that does not serve SMB. Additionally, the target host must have the WebClient service (WebDAV Mini-Redirector) enabled.
required_action	`null`
due_date	`null`
notes	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
known_ransomware_campaign_use	`false`
source_date_published	2010-04-09
exploit_type	`null`
platform	Windows
source_date_updated	`null`
data_source	Metasploit
source_url	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb

Severity_range_score 10.0 - 10.0

Exploitability 2.0

Weighted_severity 9.0

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmve-j4hs-t7b5

Vulnerability Instance