Unrated severityNVD Advisory· Published Jan 13, 2010· Updated Apr 23, 2026

CVE-2010-0070

Description

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to compromise data integrity via unknown vectors.

Vulnerability

An unspecified vulnerability exists in the Oracle Containers for J2EE component of Oracle Application Server versions 10.1.2.3 and 10.1.3.4 [1]. The vulnerability is remotely exploitable via unknown vectors, as described in the Oracle Critical Patch Update January 2010 [1].

Exploitation

Remote attackers can exploit this vulnerability without authentication, as the description indicates remote access is sufficient [1]. The exact exploitation steps are not disclosed, but the attack vector is network-based [1].

Impact

Successful exploitation allows an attacker to affect the integrity of the system, potentially leading to unauthorized modification of data [1]. The specific scope of integrity compromise is not detailed in the available references.

Mitigation

Oracle released a Critical Patch Update in January 2010 that addresses this vulnerability [1]. Affected versions are Oracle Application Server 10.1.2.3 and 10.1.3.4; applying the CPU is the recommended mitigation. No workarounds are documented in the references.

References

Oracle Updates for Multiple Vulnerabilities | CISA

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Oracle Corporation/Application Server2 versions
cpe:2.3:a:oracle:application_server:10.1.2.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:application_server:10.1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:10.1.3.4:*:*:*:*:*:*:*
Oracle Corporation/Oracle Containers for J2EEllm-fuzzy
Range: 10.1.2.3, 10.1.3.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.us-cert.gov/cas/techalerts/TA10-012A.htmlnvdUS Government Resource
www.oracle.com/technetwork/topics/security/cpujan2010-084891.htmlnvd
www.securitytracker.com/idnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000