925 matches found
Java Web Start vulnerable to execution of unauthorized system classes
Overview Java Web Start, included in the JRE Java Runtime Environment from Sun Microsystems and other products, contains a vulnerability allowing unauthorized execution of system classes. Java Web Start, included in the JRE Java Runtime Environment and other products, is a tool for distributing...
javaws vulnerabilities
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with 1 a long key name in the xml header or 2 a long charset value, different issu...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
Untrusted Java Web Start arbitrary file creation
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."...
Buffer overflow security vulnerabilities in Java Web Start
Stack-based buffer overflow in Java Web Start javaws.exe in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file...
GLSA-200804-28 : JRockit: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200804-28 JRockit: Multiple vulnerabilities Because of sharing the same codebase, JRockit is affected by the vulnerabilities mentioned in GLSA 200804-20. Impact : A remote attacker could entice a user to run a specially crafted...
SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 5182)
IBM Java 1.4.2 was updated to SR10 to fix various security issues : - A buffer overflow vulnerability in Java Web Start may allow an untrusted Java Web Start application that is downloaded from a website to elevate its privileges. For example, an untrusted Java Web Start application may grant...
SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 5183)
IBM Java 5 was updated to SR7 to fix various security issues : - A buffer overflow vulnerability in Java Web Start may allow an untrusted Java Web Start application that is downloaded from a website to elevate its privileges. For example, an untrusted Java Web Start application may grant itself...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with 1 a long key name in the xml header or 2 a long charset value, different issu...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue...
Buffer overflow security vulnerabilities in Java Web Start
Stack-based buffer overflow in Java Web Start javaws.exe in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file...
Critical: Red Hat Security Advisory: java-1.5.0-ibm security update
Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2 Runti...
Java Web Start encoding Stack Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the useEncodingDecl function used while...
Java Web Start tempbuff Stack Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the useEncodingDecl function used while...
Untrusted Application or Applet May Move or Copy Arbitrary Files
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier does not properly enforce access restrictions for untrusted 1 applications and 2 applets, which allows user-assisted remote attacke...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
Buffer overflow security vulnerabilities in Java Web Start
Stack-based buffer overflow in Java Web Start javaws.exe in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file...