4327 matches found
CVE-2008-5352
CVE-2008-5352: Integer overflow in Pack200 jar unpacking in unpack200 (unpack.dll) used by Java Runtime Environment (JRE) for Sun JDK/JRE. Affected: JRE/JDK 6 Update 10 and earlier, and JDK/JRE 5.0 Update 16 and earlier. The overflow in the heap-based buffer can allow untrusted applications and a...
CVE-2008-5356
CVE-2008-5356 describes a heap-based buffer overflow in Java Runtime Environment font parsing that can be triggered by a crafted TrueType font, potentially allowing remote code execution. Affected products include Sun JDK/JRE 6u10 and earlier, JDK/JRE 5.0u16 and earlier, and SDK/JRE 1.4.2_18 and ...
CVE-2008-5347
Multiple unspecified vulnerabilities in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the 1 JAX-WS and 2 JAXB packages...
CVE-2008-5360
Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknow...
CVE-2008-5351
CVE-2008-5351 affects Java Runtime Environment (Sun JDK/JRE 6 Update 10 and earlier; JDK/JRE 5.0 Update 16 and earlier; SDK/JRE 1.4.2_18 and earlier). The issue is that UTF-8 encodings in use may not be the shortest form, which can allow bypassing protection mechanisms relying on shortest-form UT...
CVE-2008-5359
CVE-2008-5359 is a buffer overflow in the Sun Java Runtime Environment (JRE) affecting JRE/JDK versions up to: 6 Update 10 and earlier; 5.0 Update 16 and earlier; 1.4.2_18 and earlier; and 1.3.1_23 and earlier. Root cause involves a ConvolveOp operation in the AWT library, enabling a remote attac...
CVE-2008-5354
CVE-2008-5354 describes a stack-based buffer overflow in Sun JRE/JDK/J2SE components that affects JRE/JDK 6u10 and earlier, 5.0u16 and earlier, and 1.4.2_18 and earlier. The vulnerability allows arbitrary code execution when a user opens a crafted JAR file, with the issue triggered by an excessiv...
EUVD-2008-5325
Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service OS resource consumption via...
CVE-2008-5358
Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll...
CVE-2008-5353
The Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and...
CVE-2008-5354
Stack-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with...
CVE-2008-5350
Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors...
CVE-2008-5359
Buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the...
CVE-2008-5347
Multiple unspecified vulnerabilities in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the 1 JAX-WS and 2 JAXB packages...
CVE-2008-5352
Integer overflow in the JAR unpacking utility unpack200 in the unpack library unpack.dll in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JA...
CVE-2008-5349
Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service CPU consumption via a crafted RSA public key...
CVE-2008-5348
Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service OS resource consumption via...
JRE allows unauthorized memory read access via a crafted ZIP file
Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file...
OpenJDK Denial-Of-Service in kerberos authentication (6588160)
Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service OS resource consumption via...
OpenJDK Privilege escalation in command line applications (6733959)
Stack-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with...