Java SE AtomicReferenceArray Unsafe Security Bypass

Added: 03/30/2012 CVE: CVE-2012-0507 BID: 52161 OSVDB: 80724 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...

Java SE AtomicReferenceArray Unsafe Security Bypass

Added: 03/30/2012 CVE: CVE-2012-0507 BID: 52161 OSVDB: 80724 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...

Java Debug Wire Protocol Detection

A Java Debug Wire Protocol JDWP server was detected on the remote host. This is a network protocol that allows debugging of a remote Java virtual machine. Authentication is not required to access this service. A remote, unauthenticated attacker could connect to this service and execute arbitrary...

Important: Red Hat Security Advisory: jbossweb security update

An update for JBoss Enterprise Application Platform 5.1.2 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, whic...

Oracle Java Applet2ClassLoader Vulnerability

Added: 05/05/2011 CVE: CVE-2010-4452 BID: 46388 OSVDB: 71193 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

Debian Security Advisory DSA 2161-2 (openjdk-6)

The remote host is missing an update to openjdk-6 announced via advisory DSA 2161-2. OpenVAS Vulnerability Test $Id: deb21612.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2161-2 openjdk-6 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

ZDI-11-082: Oracle Java Runtime NTLM Authentication Information Leakage Vulnerability

ZDI-11-082: Oracle Java Runtime NTLM Authentication Information Leakage Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-082 February 15, 2011 -- CVE ID: CVE-2010-4466 -- CVSS: 6.4, AV:N/AC:L/Au:N/C:P/I:P/A:N -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...

Oracle Java Runtime NTLM Authentication Information Leakage Vulnerability

This vulnerability allows remote attackers to leak authentication details on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of NTLM...

Oracle Database Multiple Vulnerabilities (October 2010 CPU)

The remote Oracle database server is missing the October 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Enterprise Manager Console - Java Virtual Machine - Change Data Capture - OLAP - Job Queue - XDK - Core RDBMS - Perl...

OpenJDK kerberos vulnerability (6958060)

Unspecified vulnerability in the Oracle Communications Messaging Server Sun Java System Messaging Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained...

CVE-2010-2419

Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

java security update

CentOS Errata and Security Advisory CESA-2010:0339 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring Syst...

HP-UX Update for Java VM (J2SE) and Java Plugin HPSBUX00268

Check for the Version of Java VM J2SE and Java Plugin OpenVAS Vulnerability Test HP-UX Update for Java VM J2SE and Java Plugin HPSBUX00268 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Design/Logic Flaw

The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...

CVE-2007-5689

The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...

CVE-2007-5375

Interpretation conflict in the Sun Java Virtual Machine JVM allows user-assisted remote attackers to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "mayscript=true" Java applet...

CVE-2007-5375

CVE-2007-5375 describes an interpretation conflict in the Sun Java Virtual Machine (JVM) that can allow user-assisted remote attackers to perform a multi-pin DNS rebinding attack and execute arbitrary JavaScript within an intranet context. The issue arises when an intranet web server serves an HT...

CVE-2007-5375

Interpretation conflict in the Sun Java Virtual Machine JVM allows user-assisted remote attackers to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "mayscript=true" Java applet...

CVE-2007-5274

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound...