SuSE 11.2 Security Update : icedtea-web (SAT Patch Number 7642)

This update to version 1.3.2 fixes several security updates and common fixes. bnc815596 Security Updates - fixed gifar vulnerability. CVE-2013-1927 - Class-loader incorrectly shared for applets with same relative-path. Common. CVE-2013-1926 - Added new option in itw-settings which allows users to...

Ubuntu Update for icedtea-web USN-1804-2

Check for the Version of icedtea-web OpenVAS Vulnerability Test $Id: gbubuntuUSN18042.nasl 8672 2018-02-05 16:39:18Z teissa $ Ubuntu Update for icedtea-web USN-1804-2 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

Ubuntu 11.10 / 12.04 LTS : icedtea-web regression (USN-1804-2)

USN-1804-1 fixed vulnerabilities in IcedTea-Web. This update introduced a regression with the Java Network Launching Protocol JNLP when fetching content over SSL under certain configurations, such as when using the community-supported IcedTead 7 browser plugin. This update fixes the problem. We...

USN-1804-2: IcedTea-Web regression

USN-1804-1 fixed vulnerabilities in IcedTea-Web. This update introduced a regression with the Java Network Launching Protocol JNLP when fetching content over SSL under certain configurations, such as when using the community-supported IcedTead 7 browser plugin. This update fixes the problem. We...

[USN-1804-1] IcedTea-Web vulnerabilities

========================================================================== Ubuntu Security Notice USN-1804-1 April 18, 2013 icedtea-web vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...

Ubuntu Update for icedtea-web USN-1804-1

Check for the Version of icedtea-web OpenVAS Vulnerability Test $Id: gbubuntuUSN18041.nasl 8448 2018-01-17 16:18:06Z teissa $ Ubuntu Update for icedtea-web USN-1804-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : icedtea-web vulnerabilities (USN-1804-1)

Jiri Vanek discovered that IcedTea-Web would use the same classloader for applets from different domains. A remote attacker could exploit this to expose sensitive information or potentially manipulate applets from other domains. CVE-2013-1926 It was discovered that IcedTea-Web did not properly...

Java 7u21 Released with Code-Signing Restrictions, Warnings

The latest Java update released Tuesday includes new prompts warning users of potentially malicious applets, in addition to patches for 42 vulnerabilities, all but three of which are remotely exploitable. Java 7 update 21 is part of Oracle’s scheduled Critical Patch Updates for the program and...

icedtea-web: class loader sharing for applets with same codebase paths

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet...

CVE-2013-1926

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet...

Mac OS X : Java for Mac OS X 10.6 Update 15

The remote Mac OS X host has a version of Java for Mac OS X 10.6 that is missing Update 15, which updates the Java version to 1.6.045. It is, therefore, affected by multiple security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...

RHEL 5 / 6 : Oracle Java SE (RHSA-2013:0666)

Updates to the java-1.6.0-sun packages that disable the Java Web Browser Plug-in and Web Start included in these packages. As a result, customers who rely on Java-based browser applets may need to re-configure their browser to use one of the Java implementations listed in the Solution section...

[Converter v0.7] Analyzing and Deobfuscating Malicious Scripts

Malicious Java applets have been making news for awhile so I thought I would update Converter to include some new features to help with deobfuscating them. This is a list of changes made to this version: + Replaced Binary-to/from-Text with Binary-to/from-Hex to make it more useful + Added Filter...

APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...

Ubuntu 10.10 : openjdk-6b18 vulnerabilities (USN-1079-3)

USN-1079-2 fixed vulnerabilities in OpenJDK 6 for armel ARM architectures in Ubuntu 9.10 and Ubuntu 10.04 LTS. This update fixes vulnerabilities in OpenJDK 6 for armel ARM architectures for Ubuntu 10.10. It was discovered that untrusted Java applets could create domain name resolution cache...

Ubuntu 9.10 / 10.04 LTS : openjdk-6b18 vulnerabilities (USN-1079-2)

USN-1079-1 fixed vulnerabilities in OpenJDK 6 for non-armel ARM architectures. This update provides the corresponding updates for OpenJDK 6 for use with the armel ARM architectures. In order to build the armel ARM OpenJDK 6 update for Ubuntu 10.04 LTS, it was necessary to rebuild binutils and...

Critical: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

Oracle Java JDK / JRE 7 < Update 17 Remote Code Execution (Windows)

The version of Oracle formerly Sun Java Runtime Environment JRE 7.x installed on the remote host is earlier than Update 17. It, therefore, potentially can allow remote code execution due to the following vulnerabilities related to the '2D' sub-component : - An integer overflow error exists relate...