407 matches found
CVE-2003-0896
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine JVM in Sun SDK and JRE 1.4.103 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" slash instead of "." dot characters,...
CVE-2003-0896
The CVE-2003-0896 entry concerns the loadClass method of sun.applet.AppletClassLoader in the JVM used with Sun SDK/JRE 1.4.1_03 and earlier. A remote attacker can bypass sandbox restrictions and execute arbitrary code by loading a class name that uses "/" instead of "." (dot), which avoids the Se...
[LSD] Security vulnerability in SUN's Java Virtual Machine implementation
Hello, We have found a security vulnerability in the SUN's implementation of the Java Virtual Machine, which affects the following SDK and JRE releases: - SDK and JRE 1.4.103 and earlier - SDK and JRE 1.3.108 and earlier - SDK and JRE 1.2.2015 and earlier. SUN was informed about this issue on Jun...
Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention
Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention source: https://www.securityfocus.com/bid/8879/info A vulnerability has been identified in the Sun Java Virtual Machine packaged with JRE and SDK. This issue results in the circumvention of the Java Security Model, and can...
Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention
source: https://www.securityfocus.com/bid/8879/info A vulnerability has been identified in the Sun Java Virtual Machine packaged with JRE and SDK. This issue results in the circumvention of the Java Security Model, and can permit an attacker to execute arbitrary code on vulnerable hosts. import...
Sun Java Media Framework (JMF) Arbitrary Code Execution
The remote host is using Sun Microsystems's Java Media Framework JMF. There is a bug in the version installed that may allow an untrusted applet to crash the Java Virtual Machine it is being run on, or even to gain unauthorized privileges. An attacker could exploit this flaw to execute arbitrary...
Coldfusion MX: Java in CFM causes Crash
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Illegalaccess Security Advisory Name: Macromedia Coldfusion MX Systems: All platforms with jdk 1.3.1 Level 03 until 07 Risk Category: Medium Vulnerability Type: Integer Overflow Vendor URL: http://www.macromedia.com Author: Marc Schoenefeld...
Mozilla 1.x / Opera 7.0 - LiveConnect JavaScript Denial of Service
source: https://www.securityfocus.com/bid/7227/info A denial-of-service vulnerability has been reported to affect several browsers. The vulnerability occurs when executing certain malformed JavaScript-enabled pages. An attacker can exploit this vulnerability by creating a malicious JavaScript pag...
Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (1)
source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...
Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (2)
source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...
Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (3)
source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...
Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service (2)
Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service 2 source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occur...
Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service (1)
Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service 1 source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occur...
Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service (3)
Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service 3 source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occur...
CVE-2002-2072
java.security.AccessController in Sun Java Virtual Machine JVM in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service JVM crash via a Java program that calls the doPrivileged method with a null argument...
Netscape Java virtual machine buffer overflow
Buffer overflow in class sun.awt.windows.WDefaultFontCharset method canConvert under Windows...
[LSD] Java and JVM security vulnerabilities
We would like to inform you about several security vulnerabilities in Java Virtual Machine implementations that we have found during our research. These vulnerabilities affect at least JVMs used in Netscape Communicator and Microsoft Internet Explorer web browsers. Below you can find their brief...
SunNetscape Java Virtual Machine1.x - Bytecode Verifier
SunNetscape Java Virtual Machine1.x - Bytecode Verifier source: https://www.securityfocus.com/bid/6224/info A vulnerability in the Sun and Netscape Java Virtual Machine has been reported. The vulnerability is related to the bytecode verifier, a component of the Java compiler that ensures legal...
Microsoft Java Virtual Machine Bytecode Verifier Vulnerability
Description The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If these operations are performed, it may be...
Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier
Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier source: https://www.securityfocus.com/bid/6221/info The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the...