VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 17, 2011· Updated Apr 29, 2026

CVE-2010-4422

CVE-2010-4422

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Unspecified vulnerability in the Deployment component of Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to compromise confidentiality, integrity, and availability.

Vulnerability

An unspecified vulnerability exists in the Java Runtime Environment (JRE) Deployment component of Oracle Java SE and Java for Business versions 6 Update 23 and earlier [1][2]. The exact nature of the flaw is not disclosed, but it is remotely exploitable.

Exploitation

A remote attacker can exploit this vulnerability without authentication by sending a specially crafted request or by enticing a user to interact with a malicious Java applet or Java Web Start application. The attack vectors are unknown but are related to the Deployment subsystem.

Impact

Successful exploitation can lead to complete compromise of confidentiality, integrity, and availability, potentially allowing an attacker to execute arbitrary code, disclose sensitive information, or cause a denial of service [1][2].

Mitigation

Oracle addressed this vulnerability in the Critical Patch Update for February 2011, which is included in Java SE 6 Update 24 and later. HP also released updates for HP Network Node Manager i (NNMi) versions 9.0x and 9.1x that incorporate the fix [1][2]. Users should apply the latest Java updates from Oracle or their vendor.

References
  1. '[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JD'
  2. '[security bulletin] HPSBMU02797 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.1x Running JD'

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

47
  • Sun Corporation/Jdk23 versions
    cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*+ 22 more
    • cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:*:update_23:*:*:*:*:*:*range: <=1.6.0
  • Sun Corporation/Jre22 versions
    cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*+ 21 more
    • cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:*:update_23:*:*:*:*:*:*range: <=1.6.0
  • Sun Corporation/Java Sellm-fuzzy
    Range: <=6 Update 23
  • Oracle Corporation/Java for Businessllm-fuzzy
    Range: <=6 Update 23

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.