Candidate: CVE-2010-3571
PublicDate: 2010-10-19 22:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571
Description:
 Unspecified vulnerability in the 2D component in Oracle Java SE and Java
 for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows
 remote attackers to affect confidentiality, integrity, and availability via
 unknown vectors.  NOTE: the previous information was obtained from the
 October 2010 CPU.  Oracle has not commented on claims from a reliable
 researcher that this is an integer overflow in the color profile parser
 that allows remote attackers to execute arbitrary code via a crafted Tag
 structure in a color profile.
Ubuntu-Description:
  It was discovered that there was an unspecified vulnerability in the
  2D component.
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_sun-java6:
upstream_sun-java6: needs-triage
dapper_sun-java6: DNE
hardy_sun-java6: released (6.22-0ubuntu1~8.04.1)
jaunty_sun-java6: released (6.22-0ubuntu1~9.04.1)
karmic_sun-java6: released (6.22-0ubuntu1~9.10.1)
lucid_sun-java6: released (6.22-0ubuntu1~10.04)
maverick_sun-java6: released (6.22-0ubuntu1~10.10)
devel_sun-java6: DNE