OpenJDK temporary files have guessable file names (6721753)

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknow...

OpenJDK Privilege escalation in command line applications (6733959)

Stack-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with...

OpenJDK temporary files have guessable file names (6721753)

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknow...

FreeBSD Ports: jdk

The remote host is missing an update to the system as announced in the referenced advisory. VID 18e5428f-ae7c-11d9-837d-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Firefox arbitrary signed JAR code execution

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via 1 injection of JavaScript into documents within a JAR archive or 2 a JAR archive that uses relative URLs to JavaScript files...

Firefox arbitrary signed JAR code execution

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via 1 injection of JavaScript into documents within a JAR archive or 2 a JAR archive that uses relative URLs to JavaScript files...

Important: Red Hat Security Advisory: Red Hat Directory Server 7.1 Service Pack 4 security update

Red Hat Directory Server 7.1 Service Pack 4: an updated redhat-ds package that fixes a security issue and several bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Red Hat Directory Server is an LDAPv3 compliant server. It...

CVE-2005-1080

Directory traversal vulnerability in the Java Archive Tool Jar utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. dot dot in filenames in a .jar file...

UBUNTU-CVE-2005-1080

Directory traversal vulnerability in the Java Archive Tool Jar utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. dot dot in filenames in a .jar file...

CVE-2005-1080

Directory traversal vulnerability in the Java Archive Tool Jar utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. dot dot in filenames in a .jar file...

CVE-2005-1080

The CVE-2005-1080 entry concerns a directory traversal vulnerability in the jar utility of the Java Archive Tool (Jar) used by J2SE SDK 1.4.2/1.5 and OpenJDK. The underlying issue allows a remote attacker to create or overwrite arbitrary files via a .. sequence in filenames stored inside a .jar f...

PT-2002-2518 · Hewlett Packard · Chaivm Ezloader

Name of the Vulnerable Software and Affected Versions: ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 affected versions not specified Description: The issue is related to the improper verification of JAR signatures for new services in ChaiVM EZloader. This allow...

Очередная дырка в Windows Media Player - в Java

В качестве skin можно загрузить и выполнить архив java .jar, что дает возможность чтения локальных файлов...