215 matches found
jre8-openjdk-headless: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
jre8-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
jdk8-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
OpenJDK: missing type safety checks for MethodHandle calls across class loaders, incorrect CVE-2013-5838 fix (Hotspot, 8151666)
An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions...
OpenJDK: missing type safety checks for MethodHandle calls across class loaders, incorrect CVE-2013-5838 fix (Hotspot, 8151666)
An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions...
bsh -- remote code execution vulnerability
Stian Soiland-Reyes reports: This release fixes a remote code execution vulnerability that was identified in BeanShell by Alvaro Muñoz and Christian Schneider. The BeanShell team would like to thank them for their help and contributions to this fix! An application that includes BeanShell on the...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)
An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)
An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)
An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...