Release DateNov 02, 2010 |
Severitylow |
ImpactSystem compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer-overflow vulnerability inOracle Java. This isssue is caused by an error when the vulnerable software handles a malicious docBase parameter of a Java applet. It allows a remote attacker to execute arbitrary code via sending a crafted web page. |
Affected ProductsOracle Java Runtime Environment version 1.6.0_21 |
Recommended ActionsRefer to the vendor's website for the suggested workaround:http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2010-3552 |
