Sun JDK/SDK 1.3/1.4,IBM JDK 1.3.1,BEA Systems WebLogic 5/6/7 java.util.zip Null Value Denial of Service (2)

No description provided by source. source: http://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be...

Sun Java Virtual Machine 1.x Font.createFont Method Insecure Temporary File Creation Weakness

No description provided by source. source: http://www.securityfocus.com/bid/10685/info Sun Java Virtual Machine is a component of the Sun Java infrastructure that performs the handling of Java applets and other programs. It is available for Unix, Linux, and Microsoft platforms. Sun Java Virtual...

Sun/Netscape Java Virtual Machine1.x Bytecode Verifier Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6224/info A vulnerability in the Sun and Netscape Java Virtual Machine has been reported. The vulnerability is related to the bytecode verifier, a component of the Java compiler that ensures legal structure of Java...

Sun Java Virtual Machine 1.2.2/1.3.1 Segmentation Violation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3992/info Java programs run in an intepreted environment, the Java Virtual Machine JVM. Sun has provided a reference JVM implementation for multiple platforms, including Solaris, Windows and Linux. It is possible for a...

Sun Microsystems Java Virtual Machine 1.x Security Manager Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8892/info A problem has been reported in the Sun Microsystems Java Virtual Machine that occurs when implementing the Security Manager. Because of this, an attacker may be able to crash the virtual machine. /...

Sun Java Virtual Machine 1.x Slash Path Security Model Circumvention Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8879/info A vulnerability has been identified in the Sun Java Virtual Machine packaged with JRE and SDK. This issue results in the circumvention of the Java Security Model, and can permit an attacker to execute arbitrary...

Microsoft Java Virtual Machine 3802 Series Bytecode Verifier Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6221/info The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

IBM Patches Predictable Output Problem in SecureRandom PRNG

Details have surfaced on a recently patched vulnerability in IBM’s SecureRandom pseudo-random number generator that could allow an attacker to predict its output. Only the default SecureRandom implementation in the IBM Java Cryptography Extension JCE framework is vulnerable; IBM recommends that...

MGASA-2014-0189 Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities

Updated java-1.7.0-openjdk packages fix security vulnerabilities: An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application...

RedHat Update for java-1.7.0-openjdk RHSA-2014:0407-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for java-1.6.0-openjdk RHSA-2014:0408-01

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2014:0408-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

OpenJDK: JVM method processing issues (Libraries, 8029507)

Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented...

OpenJDK: JVM method processing issues (Libraries, 8029507)

Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented...

Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:267)

Updated java-1.7.0-openjdk packages fix security vulnerabilities : Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-235)

Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...

MGASA-2013-0323 Updated java-1.6.0-openjdk package fixes multiple vulnerabilities

Updated java-1.6.0-openjdk packages fix security vulnerabilities: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20131105)

Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...

Oracle Java java.awt.image.ByteComponentRaster Overflow

Added: 10/24/2013 CVE: CVE-2013-2473 BID: 60623 OSVDB: 94336 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...