CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-3860

IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.3%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2010-3860

Redhat » Icedtea » Version: 1.0

cpe:2.3:a:redhat:icedtea:1.0
Redhat » Icedtea » Version: 1.1

cpe:2.3:a:redhat:icedtea:1.1
Redhat » Icedtea » Version: 1.2

cpe:2.3:a:redhat:icedtea:1.2
Redhat » Icedtea » Version: 1.3

cpe:2.3:a:redhat:icedtea:1.3
Redhat » Icedtea » Version: 1.4

cpe:2.3:a:redhat:icedtea:1.4
Redhat » Icedtea » Version: 1.5

cpe:2.3:a:redhat:icedtea:1.5
Redhat » Icedtea » Version: 1.5.2

cpe:2.3:a:redhat:icedtea:1.5.2
Redhat » Icedtea » Version: 1.6

cpe:2.3:a:redhat:icedtea:1.6
Redhat » Icedtea » Version: 1.7

cpe:2.3:a:redhat:icedtea:1.7
Redhat » Icedtea » Version: 1.8

cpe:2.3:a:redhat:icedtea:1.8
Redhat » Icedtea » Version: 1.8.1

cpe:2.3:a:redhat:icedtea:1.8.1
Redhat » Icedtea » Version: 1.8.2

cpe:2.3:a:redhat:icedtea:1.8.2
Redhat » Icedtea » Version: 1.9

cpe:2.3:a:redhat:icedtea:1.9
Redhat » Icedtea » Version: 1.9.1

cpe:2.3:a:redhat:icedtea:1.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-3860

Products

Pricing

Contact Us