{
    "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2010-0841",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.  NOTE: the previous information was obtained from the March 2010 CPU.  Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and \"stepX\"."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "APPLE-SA-2010-05-18-1",
                "refsource": "APPLE",
                "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
            },
            {
                "name": "HPSBMU02799",
                "refsource": "HP",
                "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
            },
            {
                "name": "39317",
                "refsource": "SECUNIA",
                "url": "http://secunia.com/advisories/39317"
            },
            {
                "name": "RHSA-2010:0383",
                "refsource": "REDHAT",
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
            },
            {
                "name": "40545",
                "refsource": "SECUNIA",
                "url": "http://secunia.com/advisories/40545"
            },
            {
                "name": "ADV-2010-1454",
                "refsource": "VUPEN",
                "url": "http://www.vupen.com/english/advisories/2010/1454"
            },
            {
                "name": "39819",
                "refsource": "SECUNIA",
                "url": "http://secunia.com/advisories/39819"
            },
            {
                "name": "39067",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/39067"
            },
            {
                "name": "RHSA-2010:0338",
                "refsource": "REDHAT",
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
            },
            {
                "name": "ADV-2010-1793",
                "refsource": "VUPEN",
                "url": "http://www.vupen.com/english/advisories/2010/1793"
            },
            {
                "name": "APPLE-SA-2010-05-18-2",
                "refsource": "APPLE",
                "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
            },
            {
                "name": "20100405 ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability",
                "refsource": "BUGTRAQ",
                "url": "http://www.securityfocus.com/archive/1/510531/100/0/threaded"
            },
            {
                "name": "43308",
                "refsource": "SECUNIA",
                "url": "http://secunia.com/advisories/43308"
            },
            {
                "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
                "refsource": "CONFIRM",
                "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
            },
            {
                "name": "SSRT100179",
                "refsource": "HP",
                "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
            },
            {
                "name": "SSRT100089",
                "refsource": "HP",
                "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
            },
            {
                "name": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html",
                "refsource": "CONFIRM",
                "url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
            },
            {
                "name": "oval:org.mitre.oval:def:14144",
                "refsource": "OVAL",
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14144"
            },
            {
                "name": "HPSBUX02524",
                "refsource": "HP",
                "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
            },
            {
                "name": "http://support.apple.com/kb/HT4170",
                "refsource": "CONFIRM",
                "url": "http://support.apple.com/kb/HT4170"
            },
            {
                "name": "ADV-2010-1523",
                "refsource": "VUPEN",
                "url": "http://www.vupen.com/english/advisories/2010/1523"
            },
            {
                "name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
                "refsource": "CONFIRM",
                "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
            },
            {
                "name": "SUSE-SR:2010:008",
                "refsource": "SUSE",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
            },
            {
                "name": "39659",
                "refsource": "SECUNIA",
                "url": "http://secunia.com/advisories/39659"
            },
            {
                "name": "RHSA-2010:0471",
                "refsource": "REDHAT",
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
            },
            {
                "name": "SUSE-SR:2010:017",
                "refsource": "SUSE",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
            },
            {
                "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-054/",
                "refsource": "MISC",
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-054/"
            },
            {
                "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
                "refsource": "CONFIRM",
                "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
            },
            {
                "name": "RHSA-2010:0337",
                "refsource": "REDHAT",
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
            },
            {
                "name": "RHSA-2010:0489",
                "refsource": "REDHAT",
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
            },
            {
                "name": "HPSBMA02547",
                "refsource": "HP",
                "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
            },
            {
                "name": "40211",
                "refsource": "SECUNIA",
                "url": "http://secunia.com/advisories/40211"
            },
            {
                "name": "http://support.apple.com/kb/HT4171",
                "refsource": "CONFIRM",
                "url": "http://support.apple.com/kb/HT4171"
            },
            {
                "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
                "refsource": "BUGTRAQ",
                "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
            },
            {
                "name": "ADV-2010-1191",
                "refsource": "VUPEN",
                "url": "http://www.vupen.com/english/advisories/2010/1191"
            }
        ]
    }
}