OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)

An information leak flaw was found in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)

An information leak flaw was found in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)

An information leak flaw was found in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX...

OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)

An information leak flaw was found in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX...

Oracle Java SE and Java SE Embedded JMX Subcomponent Arbitrary Code Execution Vulnerability

Oracle Java SE and Java SE Embedded are both products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, as well as embedded devices and real-time environments; Java SE Embedded is a Java platform for the developmen...

UBUNTU-CVE-2015-2621

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX...

UBUNTU-CVE-2015-4731

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX...

OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX...

OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX...

OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)

An information leak flaw was found in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)

An information leak flaw was found in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX...

Apache Cassandra Remote Arbitrary Code Execution Vulnerability

Apache Cassandra is an open source distributed database management system developed by Facebook for storing exceptionally large data. Cassandra's default configuration binds unauthenticated JMX/RMI interfaces to all network interfaces. Since RMI is the API for transporting and remotely executing...

OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755)

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX...

PT-2014-8415 · Unknown · Thermostat

Name of the Vulnerable Software and Affected Versions: Thermostat version prior to 1.0.6 Description: The issue allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown vectors when using unspecified configurations. Recommendations: F...

thermostat: local JMX URL disclosure

It was discovered that, in certain configurations, the Thermostat agent disclosed JMX management URLs of all local Java virtual machines to any local user. A local, unprivileged user could use this flaw to escalate their privileges on the system...

Java RMI Server Insecure Default Configuration Java Code Execution

This module takes advantage of the default configuration of the RMI Registry and RMI Activation services, which allow loading classes from any remote HTTP URL. As it invokes a method in the RMI Distributed Garbage Collector which is available via every RMI endpoint, it can be used against both...

UBUNTU-CVE-2013-4444

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file...