CVE-2017-3253

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network...

GLSA-201606-18 : IcedTea: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201606-18 IcedTea: Multiple vulnerabilities Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP, exist which allows remote attackers to affect the confidentiality, integrity, and availability...

RHEL 6 : icedtea-web (RHSA-2016:0778)

An update for icedtea-web is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Moderate: Red Hat Security Advisory: icedtea-web security, bug fix, and enhancement update

An update for icedtea-web is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Oracle to Kill Java Plugin

It’s the end of an era. Oracle has announced its intent to nail the coffin shut on the Java browser plugin. The company confirmed Wednesday that it expects to deprecate the plugin in JDK 9, slated for release in September, and JRE, in a future Java SE release. Dalibor Topic, a member of Oracle’s...

Unspecified Vulnerability in Oracle Java SE Serviceability Subpart (CNVD-2015-00554)

Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Serviceability subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and...

Oracle Java SE Install Subcomponent Local Arbitrary Code Execution Vulnerability

Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Install subcomponent, which allows an attacker to build untrusted Java Web Start applications and untrusted Java...

Unspecified Vulnerability in Oracle Java SE Deployment Subcomponent (CNVD-2015-00562)

Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Deployment subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and untrustwort...

Java Deployment Toolkit Performs Insufficient Validation of Parameters

No description provided by source. Java Deployment Toolkit Performs Insufficient Validation of Parameters ------------------------------------------------------------------------- Java Web Start henceforth, jws provides java developers with a way to let users launch and install their applications...

Sun Java Web Start 1.0/1.2 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31916/info Sun Java Web Start is prone to a remote command-execution vulnerability. Successful exploits may allow attackers to execute arbitrary commands on an unsuspecting user's computer. This may aid in further attacks...

Sun Java Web Start Plugin Command Line Argument Injection

No description provided by source. $Id: javawsarginjectaltjvm.rb 10404 2010-09-21 00:13:30Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

CVE-2011-2514

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

CVE-2011-2514

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

Sun Java Web Start dnsResolve ActiveX Buffer Overflow - Ver2 (CVE-2007-5019)

A buffer overflow vulnerability has been reported in numerous forms. The vulnerability is due to a boundary error in the Sun Java Web Start ActiveX control that fails to properly handle user supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute...

Fedora Update for icedtea-web FEDORA-2014-2071

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2014-2071 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Fedora Update for icedtea-web FEDORA-2013-17016

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2013-17016 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Fedora Update for icedtea-web FEDORA-2013-17026

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2013-17026 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Sun Java Web Start Double Quote Injection (CVE-2012-1533)

A remote code execution vulnerability has been in Java Web Start...

[SECURITY] Fedora 19 Update: icedtea-web-1.4.1-0.fc19

The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...

Java Applet Driver Manager Privileged toString() Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 false def initialize inf...