OpenJDK Untrusted applet System properties access (6738524)

The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java Web Start applications, which allows context-dependent attackers to obtain sensiti...

RHEL 4 / 5 : java-1.5.0-sun (RHSA-2008:0186)

Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...

RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2008:0906)

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM 1.6.0 Java release...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2009:209)

Multiple Java OpenJDK security vulnerabilities has been identified and fixed : The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation specifies an HMAC truncation length HMACOutputLength but does not require a minimum for its length, which allows attackers to spoof...

RHEL 5 : java-1.4.2-ibm (RHSA-2008:0955)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0955 advisory. - Java RE allows Same Origin Policy to be Bypassed 6687932 CVE-2008-3104 - Java Web Start, arbitrary file creation 6703909 CVE-2008-3112 -...

RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2008:0132)

Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.4.2 SR10 Java release includes the IBM...

RHEL 4 / 5 : java-1.6.0-sun (RHSA-2008:1018)

Updated java-1.6.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...

RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2008:0790)

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM 1.5.0 Java release includes the IBM Java 2...

Sun Java JDK/JRE Multiple Vulnerabilities - Aug09

This host is installed with Sun Java JDK/JRE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavajremultvulnaug09.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java JDK/JRE Multiple Vulnerabilities - Aug09 Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networ...

Sun Java JDK/JRE JPEG Images Integer Overflow Vulnerability (Aug 2009)

Sun Java JDK/JRE is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sun Java JDK/JRE JPEG Images Integer Overflow Vulnerability - Aug09

This host is installed with Sun Java JDK/JRE and is prone to Integer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavajreintoverflowvulnaug09.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java JDK/JRE JPEG Images Integer Overflow Vulnerability - Aug09 Authors: Sharath S Copyright:...

SuSE Security Advisory SUSE-SA:2009:043 (java-1_5_0-sun,java-1_6_0-sun)

The remote host is missing updates announced in advisory SUSE-SA:2009:043. OpenVAS Vulnerability Test $Id: susesa2009043.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:043 java-150-sun,java-160-sun Authors: Thomas Reinke Copyright: Copyright c 200...

CVE-2009-2719

The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service NullPointerException via a crafted .jnlp file, as demonstrated by the jnlpfile/appletDesc/index.htmlmisc test in the Technology Compatibility Kit TCK for the Java...

Design/Logic Flaw

The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service NullPointerException via a crafted .jnlp file, as demonstrated by the jnlpfile/appletDesc/index.htmlmisc test in the Technology Compatibility Kit TCK for the Java...

CVE-2009-2719

The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service NullPointerException via a crafted .jnlp file, as demonstrated by the jnlpfile/appletDesc/index.htmlmisc test in the Technology Compatibility Kit TCK for the Java...

CVE-2009-2719

The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service NullPointerException via a crafted .jnlp file, as demonstrated by the jnlpfile/appletDesc/index.htmlmisc test in the Technology Compatibility Kit TCK for the Java...

Code injection

The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without th...

CVE-2009-1896

The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without th...

CVE-2009-1896

The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without th...

openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1161)

The Sun Java JRE /JDK 6 was updated to Update 15 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted apple...