← Volver a CVEs
CVE-2010-3860
N/ADescripcion
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado12/8/2010
Ultima modificacion4/29/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
redhat:icedtea
Debilidades (CWE)
CWE-200
Referencias
http://blog.fuseyism.com/index.php/2010/11/24/icedtea6-176-183-and-192-released/(secalert@redhat.com)
http://icedtea.classpath.org/hg/release/icedtea6-1.9/rev/9aa0018d8c28(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051711.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html(secalert@redhat.com)
http://secunia.com/advisories/42412(secalert@redhat.com)
http://secunia.com/advisories/42417(secalert@redhat.com)
http://secunia.com/advisories/43085(secalert@redhat.com)
http://security.gentoo.org/glsa/glsa-201406-32.xml(secalert@redhat.com)
http://www.redhat.com/support/errata/RHSA-2011-0176.html(secalert@redhat.com)
http://www.securityfocus.com/bid/45114(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-1024-1(secalert@redhat.com)
http://www.vupen.com/english/advisories/2010/3090(secalert@redhat.com)
http://www.vupen.com/english/advisories/2010/3108(secalert@redhat.com)
http://www.vupen.com/english/advisories/2011/0215(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=645843(secalert@redhat.com)
http://blog.fuseyism.com/index.php/2010/11/24/icedtea6-176-183-and-192-released/(af854a3a-2127-422b-91ae-364da2661108)
http://icedtea.classpath.org/hg/release/icedtea6-1.9/rev/9aa0018d8c28(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051711.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42412(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42417(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43085(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201406-32.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2011-0176.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/45114(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1024-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/3090(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/3108(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0215(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=645843(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.