CVE-2010-3860 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-3860 Interim 1 5 2023-12-09T01:54:19Z current 2021-05-30T12:54:18Z 2023-12-09T01:54:19Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-3860 IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JM6O73UJO5HWG5RGIFFSFKGTDNFSGYWB/#JM6O73UJO5HWG5RGIFFSFKGTDNFSGYWB E-Mail link for SUSE-SR:2010:023 https://www.suse.com/support/security/rating/ SUSE Security Ratings IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories. CVE-2010-3860 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N