392 matches found
Mac OS X : Java for Mac OS X 10.6 Update 6 (BEAST)
The remote Mac OS X host is running a version of Java for Mac OS X 10.6 that is missing Update 6, which updates the Java version to 1.6.029. It is, therefore, affected by multiple security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with...
Major DNS Cache Poisoning Attack Hits Brazilian ISPs
There is a large-scale DNS cache-poisoning attack going on in Brazil at the moment, with potentially millions of users affected by a tactic that is forcing the to install a malicious Java applet before they can reach many popular sites, including Google, Gmail and Hotmail. The attack has been goi...
Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution
Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...
Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution
Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...
Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution
Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...
Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution
Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...
SEC Consult SA-20111012-0 :: Client-side remote file upload & command execution in Microsoft Forefront UAG Remote Access Agent (CVE-2011-1969)
SEC Consult Vulnerability Lab Security Advisory 20111012-0 ======================================================================= title: Client-side remote file upload & command execution product: Microsoft Forefront Unified Access Gateway Remote Access Agent signed Java applet vulnerable versio...
CVE-2011-1969
Microsoft Forefront Unified Access Gateway UAG 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution...
Remote code execution
Microsoft Forefront Unified Access Gateway UAG 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution...
CVE-2011-1969
Microsoft Forefront Unified Access Gateway UAG 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution...
Microsoft Forefront UAG Poisoned Cup of Code Execution (MS11-079; CVE-2011-1969)
The vulnerability is due to a vulnerable Java applet that is installed on a browser by the Forefront Unified Access Gateway UAG server. A remote attacker may exploit this vulnerability by enticing a target user to open a malicious web-page using a Java-enabled Web-browser. Successful exploitation...
CVE-2011-1827
Multiple unspecified vulnerabilities in Check Point SSL Network Extender SNX, SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a 1 ActiveX control or 2 Java applet...
Design/Logic Flaw
Multiple unspecified vulnerabilities in Check Point SSL Network Extender SNX, SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a 1 ActiveX control or 2 Java applet...
CVE-2011-1827
CVE-2011-1827 : Multiple vulnerabilities in Check Point components (SSL Network Extender/SNX, SecureWorkSpace, Endpoint Security On-Demand) allow remote code execution via a signed ActiveX control or Java applet. Exploitation, as described by SEC Consult, involves loading a malicious page or docu...
CVE-2011-1827
Multiple unspecified vulnerabilities in Check Point SSL Network Extender SNX, SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a 1 ActiveX control or 2 Java applet...
Firefox Java update ready to stop BEAST attacks
Firefox Java update ready to stop BEAST attacks Firefox developers searching for a way to protect users against a new attack that decrypts sensitive web traffic are seriously considering an update that stops the open-source browser from working with Oracle's Java software framework. Johnath, the...
Java for Mac OS X 10.5 Update 10
This host is missing an important security update according to Mac OS X 10.5 Update 10. OpenVAS Vulnerability Test $Id: secpodmacosxjava105upd10.nasl 7024 2017-08-30 11:51:43Z teissa $ Java for Mac OS X 10.5 Update 10 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod, http://www.secpod.com Th...
SEC Consult SA-20110810-0 :: Client-side remote file upload & command execution in Check Point SSL VPN On-Demand applications - CVE-2011-1827
SEC Consult Vulnerability Lab Security Advisory 20110810-0 ======================================================================= title: Client-side remote file upload & command execution product: Check Point SSL VPN On-Demand applications signed Java applet and ActiveX control SSL Network...
Mozilla Firefox 3.6.16 (Windows 7) - mChannel Object Use-After-Free
Mozilla mChannel Object use after free - Found by regenrecht - MSF exploit by Rh0 - Win 7 fun version by mrme function trigger alert'ready?'; fakeobject = document.getElementById"d"; // allocate the object fakeobject.QueryInterfaceComponents.interfaces.nsIChannelEventSink; // append to the object...
Design/Logic Flaw
Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts...