CVE-2010-4470: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and
Summary
CVE-2010-4470 is an unspecified vulnerability in Oracle Java SE and Java for Business version 6 Update 23 and earlier. It allows remote attackers to affect availability (making systems unavailable or unresponsive) through unknown vectors related to JAXP (Java API for XML Processing, the Java API for parsing and handling XML) and unspecified APIs (pre-built functions). The exact details of how the vulnerability works remain unclear.
Solution / Mitigation
Oracle released patches in its February 2011 and April 2011 CPUs (Critical Patch Updates, regular security fix packages). Users should update to the patched versions available through Oracle's security advisories at http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html and http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html, or apply vendor-specific patches from distributors such as Red Hat, Debian, Mandriva, Fedora, and Gentoo referenced in the source.
Vulnerability Details
5
EPSS: 8.1%
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2010-4470
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 95%