CVE-2010-3860: CVE-2010-3860

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-3860

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Red Hat IcedTea信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

IcedTea用开源实现去替换OpenJDK中那些非开源部分，并为当前缺乏平台移植性OpenJDK提供可移植性，为java社区提供一个完整的开源工具链及代码库。基于OpenJDK 6的IcedTea 1.7.6之前的1.7.x版本，1.8.3之前的1.8.x版本，以及1.9.2之前的1.9.x版本声明多个敏感变量为公共变量。远程攻击者可利用该漏洞获取包含user.name，user.home，以及java.home系统属性的敏感信息，以及其他诸如安装目录下的敏感信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2010-3860

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2010-3860

Please Login to view more intelligence information

https://bugzilla.redhat.com/show_bug.cgi?id=645843x_refsource_CONFIRM
http://icedtea.classpath.org/hg/release/icedtea6-1.9/rev/9aa0018d8c28x_refsource_CONFIRM
http://blog.fuseyism.com/index.php/2010/11/24/icedtea6-176-183-and-192-released/x_refsource_CONFIRM
http://secunia.com/advisories/43085third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/45114vdb-entryx_refsource_BID
http://secunia.com/advisories/42412third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/42417third-party-advisoryx_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1024-1vendor-advisoryx_refsource_UBUNTU
http://www.vupen.com/english/advisories/2010/3090vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2011/0215vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/3108vdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2011-0176.htmlvendor-advisoryx_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-201406-32.xmlvendor-advisoryx_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.htmlvendor-advisoryx_refsource_SUSE
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051711.htmlvendor-advisoryx_refsource_FEDORA
https://nvd.nist.gov/vuln/detail/CVE-2010-3860

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2010-3860

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2010-3860

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2010-3860

III. Intelligence Information for CVE-2010-3860

IV. Related Vulnerabilities

V. Comments for CVE-2010-3860

Leave a comment