1995 matches found

Prion
added 2013/11/24 6:55 p.m. | 10 views

Design/Logic Flaw

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL...

CVSS 6.8 | AI score 6.8 | EPSS 0.0186
Exploits: 0 | References: 12 | Affected Software: 1

Cvelist
added 2013/11/24 6:0 p.m. | 17 views

CVE-2013-5458

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors...

AI score 7.3 | EPSS 0.05606
Exploits: 0 | References: 8

CVE
added 2013/11/24 6:0 p.m. | 64 views

CVE-2013-4041

CVE-2013-4041 is an IBM Java SDK vulnerability affecting IBM SDK Java Technology Edition versions 5.0, 6, and 7 (and related WebSphere bundles) where code running under a security manager could access restricted classes via an unspecified vector. The IBM notices detail multiple CVEs in the Oracle...

CVSS 6.8 | AI score 6.2 | EPSS 0.0186
Exploits: 0 | References: 12 | Affected Software: 1

Cvelist
added 2013/11/24 6:0 p.m. | 15 views

CVE-2013-5375

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL...

AI score 6.1 | EPSS 0.0186
Exploits: 0 | References: 12

Cvelist
added 2013/11/24 6:0 p.m. | 18 views

CVE-2013-4041

Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors...

AI score 6.1 | EPSS 0.0186
Exploits: 0 | References: 12

CVE
added 2013/11/24 6:0 p.m. | 62 views

CVE-2013-5375

CVE-2013-5375 corresponds to an unspecified vulnerability in IBM SDK for Java Technology Edition (IBM JRE) that could allow remote attackers to access restricted classes via XML/XSL-related vectors. The initial entry lists affected IBM SDK/JAVA versions and SR levels: 5.0.x before SR16 FP4, 6.0.x...

CVSS 6.8 | AI score 6.1 | EPSS 0.0186
Exploits: 0 | References: 12 | Affected Software: 1

Cvelist
added 2013/11/24 6:0 p.m. | 23 views

CVE-2013-5456

The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block...

AI score 6.4 | EPSS 0.03778
Exploits: 0 | References: 10

Cvelist
added 2013/11/24 6:0 p.m. | 19 views

CVE-2013-5457

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors...

AI score 7.3 | EPSS 0.06261
Exploits: 0 | References: 10

CVE
added 2013/11/24 6:0 p.m. | 72 views

CVE-2013-5457

CVE-2013-5457 affects IBM SDK for Java (IBM JRE/JAVA EE shards) and is discussed across IBM advisories related to WebSphere and IT management products. The vulnerability allows an attacker to execute arbitrary code remotely by abusing the Java security manager, with exploitation tied to IBM Java ...

CVSS 9.3 | AI score 7.4 | EPSS 0.06261
Exploits: 0 | References: 10 | Affected Software: 1

RedHat Linux
added 2013/11/07 4:45 p.m. | 3 views

JDK: unspecified sandbox bypass (ORB)

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS 9.3 | AI score 6.5 | EPSS 0.06261
Exploits: 0 | References: 4

Tenable Nessus
added 2013/11/04 12:0 a.m. | 84 views

IBM Notes 8.5.x < 8.5.3 FP5 Multiple Vulnerabilities

The remote host has a version of IBM Notes (formerly Lotus Notes) 8.5.x prior to 8.5.3 Fix Pack 5 installed. It is, therefore, reportedly affected by the following vulnerabilities: - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues...

CVSS 10 | AI score 7.6 | EPSS 0.93397
Exploits: 74 | References: 136

Tenable Nessus
added 2013/11/04 12:0 a.m. | 56 views

IBM Domino 8.5.x < 8.5.3 FP5 Multiple Vulnerabilities

The remote host has a version of IBM Domino (formerly Lotus Domino) 8.5.x prior to 8.5.3 Fix Pack 5 installed. It is, therefore, reportedly affected by the following vulnerabilities: - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues...

CVSS 10 | AI score 7.6 | EPSS 0.93397
Exploits: 74 | References: 136

Tenable Nessus
added 2013/11/04 12:0 a.m. | 92 views

IBM Domino 8.5.x < 8.5.3 FP 5 Multiple Vulnerabilities

According to its banner, the version of IBM Domino (formerly IBM Lotus Domino) on the remote host is 8.5.x earlier than 8.5.3 FP5. It is, therefore, affected by the following vulnerabilities: - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous securi...

CVSS 10 | AI score 7.6 | EPSS 0.93397
Exploits: 74 | References: 135

Symantec
added 2013/10/15 12:0 a.m. | 72 views

Oracle Java SE CVE-2013-5838 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: Java SE 7u25, Java SE Embedded 7u25 Technologies...

CVSS 9.3 | AI score 0.6 | EPSS 0.03812
Exploits: 0 | References: 1 | Affected Software: 45

Tenable Nessus
added 2013/05/10 12:0 a.m. | 202 views

IBM WebSphere Application Server 8.5 < Fix Pack 2 Multiple Vulnerabilities

IBM WebSphere Application Server 8.5 before Fix Pack 2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - The included Java SDK contains several errors that affect the application directly. CVE-2013-0169, CVE-2013-0440,...

CVSS 10 | AI score 7 | EPSS 0.01061
Exploits: 1 | References: 18

Tenable Nessus
added 2013/05/10 12:0 a.m. | 70 views

IBM WebSphere Application Server 8.0 < Fix Pack 6 Multiple Vulnerabilities

IBM WebSphere Application Server 8.0 before Fix Pack 6 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities: - An input validation error exists that could allow cross-site request forgery (CSRF) attacks. CVE-2012-4853 / PM62920 - The...

CVSS 10 | AI score 6.8 | EPSS 0.01061
Exploits: 1 | References: 16

Symantec
added 2013/03/07 12:0 a.m. | 52 views

Oracle Java SE CVE-2013-1488 Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current process. Technologies Affected Avaya Aura Communication Manager Utility Services 6.0 Avaya Aura Communication Manager Utility...

CVSS 10 | AI score 1.2 | EPSS 0.86252
Exploits: 10 | References: 4 | Affected Software: 47

Symantec
added 2013/02/01 12:0 a.m. | 62 views

Oracle Java SE CVE-2013-0431 Remote Java Runtime Environment Vulnerability

Description Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'JMX' sub-component. This vulnerability affects the following supported versions: 7 Update 11 and prior Note: This issue wa...

CVSS 5 | AI score 0.3 | EPSS 0.91543
Exploits: 8 | References: 10 | Affected Software: 34

Tenable Nessus
added 2012/12/17 12:0 a.m. | 46 views

IBM Lotus Notes 8.5.1 / 8.5.2 / 8.5.3 < 8.5.3 FP3 Multiple Vulnerabilities

The remote host has a version of Lotus Notes 8.5.1, 8.5.2, or 8.5.3.x prior to 8.5.3 Fix Pack 3 installed. It is, therefore, reportedly affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of the IBM JRE that contains several errors that allow...

CVSS 9.3 | AI score 5.7 | EPSS 0.1445
Exploits: 0 | References: 9

Debian CVE
added 2012/11/04 10:0 p.m. | 34 views

CVE-2012-5783

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...

CVSS 5.8 | AI score 7.3 | EPSS 0.00616
Exploits: 0