CVE-2010-0840

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Apr 1, 2010

Updated: Jan 6, 2025

Summary

CVE-2010-0840 is a vulnerability affecting the Oracle Java Runtime Environment in versions 6 Update 18, 5.0 Update 23, and 1.4.2_25. The issue remains unspecified, but it allows remote attackers to impact confidentiality, integrity, and availability. According to March 2010 CPU, the issue may be related to improper checks when executing privileged methods in the JRE. A reliable researcher claims that this vulnerability can be exploited through an untrusted object extending a trusted class without modifying a specific method, or through a similar trust issue with interfaces, enabling arbitrary code execution. Oracle has yet to comment on these findings.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Ubuntu Linux
Java Runtime Environment
Open SUSE

Affected Vendors

Opensuse
Canonical System

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners