CVE-2010-4471

N/A Unknown

Published: February 17, 2011 Modified: April 29, 2026

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html

Source: secalert_us@oracle.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html

Source: secalert_us@oracle.com

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Source: secalert_us@oracle.com

http://marc.info/?l=bugtraq&m=134254957702612&w=2

Source: secalert_us@oracle.com

http://secunia.com/advisories/43350

Source: secalert_us@oracle.com

Vendor Advisory

http://secunia.com/advisories/44954

Source: secalert_us@oracle.com

Vendor Advisory

http://security.gentoo.org/glsa/glsa-201406-32.xml

Source: secalert_us@oracle.com

http://www.debian.org/security/2011/dsa-2224

Source: secalert_us@oracle.com

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html

Source: secalert_us@oracle.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:054

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Source: secalert_us@oracle.com

Patch Vendor Advisory

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

Source: secalert_us@oracle.com

Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0282.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0880.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.securityfocus.com/bid/46399

Source: secalert_us@oracle.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/65405

Source: secalert_us@oracle.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12089

Source: secalert_us@oracle.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14417

Source: secalert_us@oracle.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=134254957702612&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/43350

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/44954

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://security.gentoo.org/glsa/glsa-201406-32.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2011/dsa-2224

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:054

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0282.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-0880.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/46399

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/65405

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12089

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14417

Source: af854a3a-2127-422b-91ae-364da2661108

36 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

2.3%

81th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

sun