Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow

Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow source: https://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. A...

Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow

source: https://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with the...

Applets or Applications are allowed to display an oversized window

Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner...

Moderate: Red Hat Security Advisory: java-1.5.0-bea security update

Updated java-1.5.0-bea packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The BEA WebLogic JRockit 1.5.014 JRE and SDK conta...

java-1.5.0 Privilege escalation via unstrusted applet and application

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted 1 application or 2 applet, as demonstrated by an application or applet that grants...

Security Vulnerability in Java Runtime Environment With Applet Caching

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound...

Anti-DNS Pinning and Java Applets with HTTP proxy

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...

Security Vulnerability in Java Runtime Environment With Applet Caching

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound...

Applets or Applications are allowed to display an oversized window

Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner...

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...

SOL8424 - Java Runtime Environment Vulnerability - CVE-2008-0657

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges through an untrusted application or applet, as demonstrated by an application or applet that grants...

java-1.5.0 Privilege escalation via unstrusted applet and application

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted 1 application or 2 applet, as demonstrated by an application or applet that grants...

Critical: Red Hat Security Advisory: java-1.5.0-sun security update

Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...

CVE-2008-0657

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted 1 application or 2 applet, as demonstrated by an application or applet that grants...

CVE-2008-0628

The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity XXE attacks and cause a denial of service or acces...

CVE-2008-0628

The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity XXE attacks and cause a denial of service or acces...

CVE-2008-0628

CVE-2008-0628 affects Sun Java Runtime Environment (JRE/JDK) 6 Update 3 and earlier. The XML parsing code processes external entity references even when the “external general entities” property is false, enabling an XXE attack that can cause denial of service or allow access to restricted resourc...

Sun Java运行时环境XML处理绕过安全限制漏洞

BUGTRAQ ID: 27553 Solaris系统的Java运行时环境（JRE）为JAVA应用程序提供可靠的运行环境。 JRE在处理外部实体引用时存在漏洞，攻击者可能利用此漏洞通过诱使用户处理恶意XML文档访问某些URL或导致拒绝服务。 默认下Java运行时环境（JRE）允许处理外部实体引用。如果要禁止处理外部实体引用，站点可以将external general entities属性设置为FALSE。JRE中的漏洞允许即使在将external general...

Corsaire Security Advisory: Sun J2RE DoS issue

-- Corsaire Security Advisory -- Title: Sun J2RE DoS issue Date: 05.09.06 Application: Sun JRE 5.0 prior to update 14 Environment: Sun JRE Author: Martin O'Neal [email protected] Audience: General distribution Reference: c060905-002 -- Scope -- The aim of this document is to clearly defin...

Moderate: Red Hat Security Advisory: java-1.4.2-bea security update

Updated java-1.4.2-bea packages that correct several security issues and add enhancements are now available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The BEA WebLogic JRockit 1.4.215 JRE and SDK...