CVE-2010-0847

Publication date 1 April 2010

Last updated 24 July 2024

Ubuntu priority

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
openjdk-6	11.04 natty	Not affected
	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	9.10 karmic	Fixed 6b16-1.6.1-3ubuntu3
	9.04 jaunty	Fixed 6b14-1.4.1-0ubuntu13
	8.10 intrepid	Fixed 6b12-0ubuntu6.7
	8.04 LTS hardy	Fixed 6b11-2ubuntu2.2
	6.06 LTS dapper	Not in release
sun-java5	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not in release
	9.10 karmic	Not in release
	9.04 jaunty	Ignored end of life
	8.10 intrepid	Ignored end of life, was needed
	8.04 LTS hardy	Ignored end of life
	6.06 LTS dapper	Ignored end of life
sun-java6	11.04 natty	Not affected
	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	9.10 karmic	Fixed 6.20dlj-0ubuntu1.9.10
	9.04 jaunty	Fixed 6.20dlj-0ubuntu1.9.04
	8.10 intrepid	Ignored end of life, was needs-triage
	8.04 LTS hardy	Fixed 6.20dlj-0ubuntu1.8.04
	6.06 LTS dapper	Not in release

References

Related Ubuntu Security Notices (USN)

USN-923-1
OpenJDK vulnerabilities
7 April 2010

CVE-2010-0847

Status

References

Related Ubuntu Security Notices (USN)

Other references