Unspecified vulnerability in Oracle Java SE and Java for Business allows remote attackers to cause denial of service and possibly execute arbitrary code

Unspecified vulnerability in Oracle Java SE and Java for Business allows remote attackers to cause denial of service and possibly execute arbitrary code

CVE-2010-3562 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.