CVE-2010-3563
Published: 19 October 2010
Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to "how Web Start retrieves security policies," BasicServiceImpl, and forged policies that bypass sandbox restrictions.
From the Ubuntu Security Team
It was discovered that an unspecified vulnerability exists in the Deployment component.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
sun-java6 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Released
(6.22-0ubuntu1~8.04.1)
|
|
| jaunty |
Released
(6.22-0ubuntu1~9.04.1)
|
|
| karmic |
Released
(6.22-0ubuntu1~9.10.1)
|
|
| lucid |
Released
(6.22-0ubuntu1~10.04)
|
|
| maverick |
Released
(6.22-0ubuntu1~10.10)
|
|
| upstream |
Needs triage
|