Oracle Java SE Multiple Vulnerabilities -01 Feb 13 (Windows)
This host is installed with Oracle Java SE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboraclejavasemultvuln01feb13win.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Multiple Vulnerabilities -01 Feb 13 Windows Authors: Arun Kallavi Copyright: Copyright c 2013...
Java JAX-WS gmbal package sandbox breach
Added: 11/23/2012 CVE: CVE-2012-5076 BID: 56054 OSVDB: 86350 Background Java API for XML Web Services JAX-WS is a technology for developing web services in Java. It is included in the Java EE 5 platform. Problem A vulnerability in JAX-WS when handling the gmbal package allows code execution outsi...
[SECURITY] Fedora 16 Update: apache-poi-3.8-1.fc16
The Apache POI Project's mission is to create and maintain Java APIs for manipulating various file formats based upon the Office Open XML standards OOXML and Microsoft's OLE 2 Compound Document format OLE2. In short, you can read and write MS Excel files using Java. In addition, you can read and...
USN-1263-1: IcedTea-Web, OpenJDK 6 vulnerabilities
Deepak Bhole discovered a flaw in the Same Origin Policy SOP implementation in the IcedTea web browser plugin. This could allow a remote attacker to open connections to certain hosts that should not be permitted. CVE-2011-3377 Juliano Rizzo and Thai Duong discovered that the block-wise AES...
IBM WebSphere Application Server 6.1 < 6.1.0.33 Multiple Vulnerabilities
IBM WebSphere Application Server 6.1 before Fix Pack 33 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - An unspecified cross-site scripting vulnerability exists in the Administration Console. PM09250, PM11778 - An unspecified error exis...
Apple QTJava toQTPointer() Arbitrary Memory Access
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Apple QTJava toQTPointer Arbitra...
Mandrake Security Advisory MDVSA-2009:162 (java-1.6.0-openjdk)
The remote host is missing an update to java-1.6.0-openjdk announced via advisory MDVSA-2009:162. OpenVAS Vulnerability Test $Id: mdksa2009162.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:162 java-1.6.0-openjdk Authors: Thomas Reinke Copyright:...
Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2009:137)
Multiple security vulnerabilities have been identified and fixed in the Little cms library embedded in OpenJDK: A memory leak flaw allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted image file (CVE-2009-0581). Multiple integer overflows allow...
Java-API calls in untrusted Javascript allow network privilege escalation
Unspecified vulnerability in Sun JDK and Java Runtime Environment JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java AP...
Critical: Red Hat Security Advisory: java-1.6.0-sun security update
Updated java-1.6.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...
Apple QTJava toQTPointer() Arbitrary Memory Access
This module exploits an arbitrary memory access vulnerability in the Quicktime for Java API provided with Quicktime 7. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apple QTJava toQTPointer...
Apple QuickTime for Java 7 - Memory Access (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Apple QTJava...
Solaris 5.9 (sparc) : 117881-02
Application Server 7.1: Java API for XML Parsing 1.2 Patch. Date this patch was last updated by Sun : Feb/18/05 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security...
Solaris 5.8 (sparc) : 117881-02
Application Server 7.1: Java API for XML Parsing 1.2 Patch. Date this patch was last updated by Sun : Feb/18/05 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security...
Solaris 5.9 (x86) : 117882-02
Application Server 7.1x86: Java API for XML Parsing 1.2 Patch. Date this patch was last updated by Sun : Feb/18/05 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...
Solaris 9 (x86) : 116299-20
Sun One Application Server 7.0x86: Java API for XML Parsing 1.2 P. Date this patch was last updated by Sun : May/23/06 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
CVE-2004-2626
The CVE-2004-2626 entry describes a GUI overlay vulnerability in the Java API of Siemens S55 mobile phones. The web-facing description states that remote attackers can trigger unauthorized SMS messages by overlaying a confirmation prompt with a malicious message. Affected component: the Java API ...
CVE-2004-2626
GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message...