CVE-2014-2423

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

CVE-2014-0452

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

CVE-2014-0458

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423...

Buffer overflow

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

CVE-2014-0458

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423...

CVE-2014-0452

CVE-2014-0452 is an Oracle Java SE vulnerability affecting Java 6u71, 7u51, 8 and Java SE Embedded 7u51, with the issue related to the JAX-WS component. The vulnerability is described as unspecified with partial confidentiality, integrity, and availability impact (C/P, I/P, A/P). Exploitation vec...

CVE-2014-0452

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 8 Update 5, 7 Update 55, 6 Update 75, or 5 Update 65. It is, therefore, potentially affected by security issues in the following components : - 2D - AWT - Deployment - Hotspot - JAX-WS -...

CVE-2014-0458

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423...

CVE-2014-2423

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

UBUNTU-CVE-2014-0452

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

CVE-2014-0452

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

Java Applet JAX-WS Remote Code Execution - Ver2 (CVE-2012-5076)

A security bypass vulnerability has been reported in Java Runtime Environment JRE. The vulnerability is due to insufficient access restriction in the default Java security properties configuration. A remote attacker can exploit this vulnerability by enticing a target user to open an untrusted,...

RHEL 5 : JBoss EAP (RHSA-2013:1784)

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. Common...

CVE-2013-2133

The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP before 6.2.0, does not properly enforce the method level restrictions for JAX-WS Service endpoints, which allows remote authenticated users to access otherwise restricted JAX-WS...

Input validation

The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP before 6.2.0, does not properly enforce the method level restrictions for JAX-WS Service endpoints, which allows remote authenticated users to access otherwise restricted JAX-WS...

CVE-2013-2133

The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP before 6.2.0, does not properly enforce the method level restrictions for JAX-WS Service endpoints, which allows remote authenticated users to access otherwise restricted JAX-WS...

CVE-2013-2133

The CVE-2013-2133 issue affects Red Hat JBossWS within JBoss EAP older than 6.2.0. The EJB invocation handler for JAX-WS Service endpoints fails to enforce method-level restrictions, allowing remote authenticated users to access handlers that should be restricted due to permissions on the EJB cla...

OpenJDK: insufficient security checks (JAXWS, 8017505)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS...

RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.2.0 update (Low) (RHSA-2013:1785)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1785 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. The HawtJNI Library...