CVE-2010-0843

N/A Unknown

Published: April 01, 2010 Modified: April 29, 2026

Description

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

Source: secalert_us@oracle.com

http://lists.apple.com/archives/security-announce/2010//May/msg00001.html

Source: secalert_us@oracle.com

http://lists.apple.com/archives/security-announce/2010//May/msg00002.html

Source: secalert_us@oracle.com

http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

Source: secalert_us@oracle.com

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

Source: secalert_us@oracle.com

http://marc.info/?l=bugtraq&m=127557596201693&w=2

Source: secalert_us@oracle.com

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Source: secalert_us@oracle.com

http://osvdb.org/63492

Source: secalert_us@oracle.com

http://seclists.org/bugtraq/2010/Apr/41

Source: secalert_us@oracle.com

http://secunia.com/advisories/39317

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/39659

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/39819

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/40211

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/40545

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/43308

Source: secalert_us@oracle.com

Vendor Advisory

http://support.apple.com/kb/HT4170

Source: secalert_us@oracle.com

http://support.apple.com/kb/HT4171

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html

Source: secalert_us@oracle.com

http://www.redhat.com/support/errata/RHSA-2010-0337.html

Source: secalert_us@oracle.com

http://www.redhat.com/support/errata/RHSA-2010-0338.html

Source: secalert_us@oracle.com

http://www.redhat.com/support/errata/RHSA-2010-0383.html

Source: secalert_us@oracle.com

http://www.redhat.com/support/errata/RHSA-2010-0471.html

Source: secalert_us@oracle.com

http://www.redhat.com/support/errata/RHSA-2010-0489.html

Source: secalert_us@oracle.com

http://www.securityfocus.com/archive/1/516397/100/0/threaded

Source: secalert_us@oracle.com

http://www.securityfocus.com/bid/39083

Source: secalert_us@oracle.com

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Source: secalert_us@oracle.com

http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

Source: secalert_us@oracle.com

http://www.vupen.com/english/advisories/2010/1191

Source: secalert_us@oracle.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1454

Source: secalert_us@oracle.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1523

Source: secalert_us@oracle.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1793

Source: secalert_us@oracle.com

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-10-052/

Source: secalert_us@oracle.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14092

Source: secalert_us@oracle.com

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751