158 matches found
CVE-2008-5343
Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF an...
Design/Logic Flaw
Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka...
CVE-2008-5339
CVE-2008-5339 affects Sun JDK/JRE components (Java Web Start and Java Plug-in) across multiple older builds: Java 6 Update 10 and earlier, Java 5.0 Update 16 and earlier, and SDK/JRE 1.4.2_18 and earlier. The description indicates an unspecified vulnerability where untrusted JWS applications coul...
CVE-2008-5342
CVE-2008-5342 affects Sun Java implementations: BasicService for Java Web Start and Java Plug-in on Sun JDK/JRE 6u10 and earlier; JDK/JRE 5.0u16 and earlier; and SDK/JRE 1.4.2_18 and earlier. The vulnerability is described as an unspecified flaw in these components that could allow an untrusted d...
CVE-2008-5340
CVE-2008-5340 concerns an unspecified vulnerability in Java Web Start (JWS) and Java Plug-in affecting Sun JDK/JRE lines: Java SE 6 Update 10 and earlier; Java SE 5.0 Update 16 and earlier; and SDK/JRE 1.4.2_18 and earlier. The untrusted JWS applications can gain privileges to access local files ...
CVE-2008-5341
CVE-2008-5341 describes an unspecified vulnerability in Sun Java Web Start (JWS) and Java Plug-in affecting Sun JDK/JRE 6 Update 10 and earlier, and JDK/JRE 5.0 Update 16 and earlier. The issue allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username ...
CVE-2008-5344
Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors...
CVE-2008-5344
The CVE-2008-5344 entry describes an unspecified vulnerability in Sun Java Web Start (JWS) and Java Plug-in affecting Sun JDK/JRE 6u10 and earlier, JDK/JRE 5.0u16 and earlier, and SDK/JRE 1.4.2_18 and earlier. The issue allows untrusted applets to read arbitrary files and make unauthorized networ...
CVE-2008-5343
Vulnerability GIFAR (CVE-2008-5343) affects Java Web Start (JWS) and Java Plug-in in Sun JDK/JRE 6u10 and earlier, JDK/JRE 5.0u16 and earlier, and SDK/JRE 1.4.2_18 and earlier. A crafted file that validates as both GIF and Java JAR can allow remote attackers to make unauthorized network connectio...
CVE-2008-2086
Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the 1 java.home, 2 java.ext.dirs, or 3 user.home System...
CVE-2008-2086
CVE-2008-2086 affects Sun Java Web Start and Java Plug-in used by JDK/JRE 6 Update 10 and earlier; JDK/JRE 5.0 Update 16 and earlier; SDK/JRE 1.4.2_18 and earlier. It arises from a crafted jnlp file that modifies the java.home, java.ext.dirs, or user.home System Properties, enabling remote attack...
JavaWebStart allows unauthorized network connections
Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka...
Java WebStart privilege escalation
Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors,...
Java WebStart unprivileged local file and network access
Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors...
Java Plugin same-origin-policy bypass
Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier, and 1.3.121 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors...
Java Plugin same-origin-policy bypass
Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier, and 1.3.121 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors...
Critical: Red Hat Security Advisory: java-1.6.0-ibm security update
Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.6.0 Java release includes the IBM Java 2 Runtime Environmen...
Java Plugin same-origin-policy bypass
Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier, and 1.3.121 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors...
Critical: Red Hat Security Advisory: java-1.5.0-ibm security update
Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2 Runti...