GLSA-200701-15 : Sun JDK/JRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200701-15 Sun JDK/JRE: Multiple vulnerabilities Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an unspecified...

Sun JDK/JRE: Multiple vulnerabilities

Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an...

Multiple OpenOffice security vulnerabilities

BASIC macro auto launch without user intercation, Java applet sandbox protection bypass, XML parsing buffer overflow...

JDK java applet disk space DoS

It's possible to consume all available disk space with temporary file...

Sun Java Reflection API security bypass vulnerabilities

Overview Multiple vulnerabilities in the Sun Java Reflection API may allow an untrusted Java applet to bypass security restrictions and execute arbitrary code. Description The Sun Java Reflection API allows Java classes to determine information about other Java classes, such as public methods...

GLSA-200601-10 : Sun and Blackdown Java: Applet privilege escalation

The remote host is affected by the vulnerability described in GLSA-200601-10 Sun and Blackdown Java: Applet privilege escalation Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Impact : A...

CVE-2005-4197

tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet...

CVE-2005-3946

Opera 8.50 allows remote attackers to cause a denial of service crash via a Java applet with a large string argument to the removeMember JNI method for the com.opera.JSObject class...

CVE-2005-3946

Opera 8.50 allows remote attackers to cause a denial of service crash via a Java applet with a large string argument to the removeMember JNI method for the com.opera.JSObject class...

Important: Red Hat Security Advisory: kdelibs security update

Updated kdelibs packages that resolve security issues in Konqueror are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdelibs packages include libraries for the K Desktop Environment. Two flaw...

Konqueror: Java sandbox vulnerabilities

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. Konqueror is the KDE web browser and file manager. Description Konqueror contains two errors that allow JavaScript scripts and Java applets to have access to restricted Java classes. Impact A...

Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:154)

A vulnerability in the Konqueror webbrowser was discovered where an untrusted java applet could escalate privileges through JavaScript calling into Java code. This includes the reading and writing of files with the privileges of the user running the applet. The provided packages have been patched...

GLSA-200411-38 : Sun and Blackdown Java: Applet privilege escalation

The remote host is affected by the vulnerability described in GLSA-200411-38 Sun and Blackdown Java: Applet privilege escalation All Java plug-ins are subject to a vulnerability allowing unrestricted Java package access. Impact : A remote attacker could embed a malicious Java applet in a web page...

Sun and Blackdown Java: Applet privilege escalation

Background Sun and Blackdown both provide implementations of Java Development Kits JDK and Java Runtime Environments JRE. All these implementations provide a Java plug-in that can be used to execute Java applets in a restricted environment for web browsers. Description All Java plug-ins are subje...

Sun Java Applet 1.x - Invocation Version Specification

Sun Java Applet 1.x - Invocation Version Specification source: https://www.securityfocus.com/bid/11757/info Java provides support for dynamic and static versioning when loading applets in the Java plug-in. This means that during the invocation of an applet, a user can request that a particular...

CVE-2002-1257

The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...

CVE-2002-1260

The Java Database Connectivity JDBC APIs in Microsoft Virtual Machine VM 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet...

CVE-2002-1257

Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM Component Object Model objects in a web site or an HTML mail...

CVE-2002-1325

Microsoft Virtual Machine VM build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."...

EUVD-2002-1244

The Java Database Connectivity JDBC APIs in Microsoft Virtual Machine VM 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet...