VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 1, 2010· Updated Apr 29, 2026

CVE-2010-0084

CVE-2010-0084

Description

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An unspecified confidentiality vulnerability in Oracle Java SE/Java for Business 6u18, 5.0u23, and 1.4.2_25 allows remote information disclosure via unknown vectors.

Vulnerability

An unspecified vulnerability exists in the Java Runtime Environment (JRE) component of Oracle Java SE and Java for Business. Affected versions include Java SE 6 Update 18, Java SE 5.0 Update 23, and Java SE 1.4.2_25 [2][3][4]. The issue can be triggered by deserialization or improper handling of sensitive objects, leading to information leakage [3].

Exploitation

A remote attacker could exploit this vulnerability by tricking a user into running a specially crafted applet or untrusted Java application [3]. No authentication or special network position beyond delivering the malicious applet is required; user interaction is necessary to load the applet.

Impact

Successful exploitation results in unauthorized disclosure of sensitive information, compromising the confidentiality of the affected system [1][2][3][4]. The attacker may gain access to private data that should be isolated by the Java sandbox.

Mitigation

Oracle released fixes for this vulnerability in the Java CPU updates of April 2010. For Java SE 6, update to version 6 Update 19 or later; for Java SE 5.0, update to version 5.0 Update 24 or later; for Java SE 1.4.2, update to version 1.4.2_26 or later. Users should also apply vendor-specific patches, such as those provided by HP for HP-UX (patches for JDK/JRE 6.0.06, 5.0.19, and 1.4.2.24 earlier) [4] and Ubuntu's USN-923-1 for OpenJDK [3]. No workaround is noted in available references.

References
  1. Support Content Notification - Support Portal - Broadcom support portal
  2. '[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JD'
  3. USN-923-1: OpenJDK vulnerabilities | Ubuntu security notices | Ubuntu
  4. '[security bulletin] HPSBUX02524 SSRT100089 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary'

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

135
  • Sun Corporation/Jdk41 versions
    cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*+ 40 more
    • cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:*:update_18:*:*:*:*:*:*range: <=1.6.0
    • cpe:2.3:a:sun:jdk:*:update23:*:*:*:*:*:*range: <=1.5.0
  • Sun Corporation/Jre66 versions
    cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*+ 65 more
    • cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*range: <=1.4.2_25
    • cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:*:update_18:*:*:*:*:*:*range: <=1.6.0
    • cpe:2.3:a:sun:jre:*:update23:*:*:*:*:*:*range: <=1.5.0
  • Sun Corporation/Sdk26 versions
    cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*+ 25 more
    • cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*range: <=1.4.2_25
    • cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_19:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_20:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_21:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_22:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_23:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_24:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
  • Oracle Corporation/Java for Businessllm-create
    Range: = 6 Update 18, 5.0 Update 23, 1.4.2_25
  • Sun Corporation/Java Sellm-fuzzy
    Range: = 6 Update 18, 5.0 Update 23, 1.4.2_25

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

35

News mentions

0

No linked articles in our index yet.