Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
References
Link Providers
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=134254866602253&w=2 cve-icon cve-icon
http://secunia.com/advisories/41967 cve-icon cve-icon
http://secunia.com/advisories/41972 cve-icon cve-icon
http://secunia.com/advisories/42377 cve-icon cve-icon
http://secunia.com/advisories/42432 cve-icon cve-icon
http://secunia.com/advisories/42974 cve-icon cve-icon
http://secunia.com/advisories/44954 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-201406-32.xml cve-icon cve-icon
http://support.avaya.com/css/P8/documents/100114315 cve-icon cve-icon
http://support.avaya.com/css/P8/documents/100114327 cve-icon cve-icon
http://support.avaya.com/css/P8/documents/100123193 cve-icon cve-icon
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0768.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0770.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0807.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0865.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0873.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0935.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0987.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2011-0152.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2011-0880.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/516397/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/44011 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1010-1 cve-icon cve-icon
http://www.vmware.com/security/advisories/VMSA-2011-0003.html cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/3086 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/3112 cve-icon cve-icon
http://www.vupen.com/english/advisories/2011/0134 cve-icon cve-icon
http://www.vupen.com/english/advisories/2011/0143 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=642215 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2010-3574 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12367 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12462 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2010-3574 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2010-10-19T21:00:00

Updated: 2024-08-07T03:11:44.635Z

Reserved: 2010-09-20T00:00:00

Link: CVE-2010-3574

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-10-19T22:00:03.690

Modified: 2024-11-21T01:19:09.153

Link: CVE-2010-3574

cve-icon Redhat

Severity : Moderate

Publid Date: 2010-10-12T00:00:00Z

Links: CVE-2010-3574 - Bugzilla