CVE-2010-3573

N/A Unknown

Published: October 19, 2010 Modified: April 29, 2026

Description

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748

Source: secalert_us@oracle.com

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html

Source: secalert_us@oracle.com

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html

Source: secalert_us@oracle.com

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html

Source: secalert_us@oracle.com

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

Source: secalert_us@oracle.com

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Source: secalert_us@oracle.com

http://secunia.com/advisories/41967

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/41972

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/42974

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/44954

Source: secalert_us@oracle.com

Vendor Advisory

http://security.gentoo.org/glsa/glsa-201406-32.xml

Source: secalert_us@oracle.com

http://support.avaya.com/css/P8/documents/100114315

Source: secalert_us@oracle.com

http://support.avaya.com/css/P8/documents/100114327

Source: secalert_us@oracle.com

http://support.avaya.com/css/P8/documents/100123193

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

Source: secalert_us@oracle.com

Patch Vendor Advisory

http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

Source: secalert_us@oracle.com

Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0768.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0770.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0807.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0865.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0873.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0987.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0880.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.securityfocus.com/archive/1/516397/100/0/threaded

Source: secalert_us@oracle.com

http://www.ubuntu.com/usn/USN-1010-1

Source: secalert_us@oracle.com

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Source: secalert_us@oracle.com

https://bugzilla.redhat.com/show_bug.cgi?id=642202

Source: secalert_us@oracle.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11990

Source: secalert_us@oracle.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12220

Source: secalert_us@oracle.com

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748