CVE-2010-4456

Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://osvdb.org/70586
http://secunia.com/advisories/42990
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html	Vendor Advisory
http://www.securityfocus.com/bid/45896
http://www.vupen.com/english/advisories/2011/0157
https://exchange.xforce.ibmcloud.com/vulnerabilities/64815

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:java_system_communications_express:6.2:::::::*
	cpe:2.3:a:sun:java_system_communications_express:6.3:::::::*

History

No history.

Information

Published : 2011-01-19 17:00

Updated : 2024-02-28 11:41

NVD link : CVE-2010-4456

Mitre link : CVE-2010-4456

CVE.ORG link : CVE-2010-4456

JSON object : View

Products Affected

sun

java_system_communications_express

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-4456", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-01-19T17:00:02.780", "references": [{"url": "http://osvdb.org/70586", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/42990", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/45896", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0157", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64815", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle Sun Java System Communications Express v6.2 y v6.3 permite a atacantes remotos afectar a la integridad a trav\u00e9s de vectores desconocidos relacionados con la Web de correo."}], "lastModified": "2017-08-17T01:33:12.820", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_communications_express:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FB18998-F782-4B46-8993-6C24BC993FFB"}, {"criteria": "cpe:2.3:a:sun:java_system_communications_express:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A472656-CEDB-4AE6-89DE-6686BB0F1EB2"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}