Sun Java Applet 1.x - Invocation Version Specification

Sun Java Applet 1.x - Invocation Version Specification source: https://www.securityfocus.com/bid/11757/info Java provides support for dynamic and static versioning when loading applets in the Java plug-in. This means that during the invocation of an applet, a user can request that a particular...

CVE-2002-1260

The Java Database Connectivity JDBC APIs in Microsoft Virtual Machine VM 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet...

CVE-2002-1257

The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...

CVE-2002-1257

Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM Component Object Model objects in a web site or an HTML mail...

EUVD-2002-1244

The Java Database Connectivity JDBC APIs in Microsoft Virtual Machine VM 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet...

CVE-2002-1325

Microsoft Virtual Machine VM build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."...

CVE-2002-0867

CVE-2002-0867 affects Microsoft Virtual Machine up to build 5.0.3805, enabling remote attackers to crash Internet Explorer via invalid handle data in a Java applet (Handle Validation Flaw). OpenVAS and CVE records corroborate this as part of MS02-052/related issues, with proposed remediation: app...

CVE-2002-0867

Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to cause a denial of service crash in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."...

CVE-2002-0865

CVE-2002-0865 affects Microsoft Virtual Machine (VM) prior to 5.0.3805, where the XML-support class com.ms.osp.ospmrshl exposes unsafe methods that can permit remote code execution via a Java applet. Microsoft’s MS02-052 patch is the documented fix path; other sources (CERT/OpenVAS) identify this...

IBM Lotus Notes 6.0/6.5 - Multiple Java Applet Vulnerabilities

source: https://www.securityfocus.com/bid/10704/info IBM Lotus Notes is affected by three vulnerabilities concerning Java applets. An attacker can exploit these issues to disclose potentially sensitive information, cause a web browser to open an arbitrary web page, and cause a stack-based buffer...

IBM Lotus Notes 6.06.5 - Multiple Java Applet Vulnerabilities

IBM Lotus Notes 6.06.5 - Multiple Java Applet Vulnerabilities source: https://www.securityfocus.com/bid/10704/info IBM Lotus Notes is affected by three vulnerabilities concerning Java applets. An attacker can exploit these issues to disclose potentially sensitive information, cause a web browser ...

Java applet crashing with native assertion

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, this is a Java One special: Three months ago I informed Sun Microsystems about an applet alerting with a native win32 assertion Expression: offset fFileSize For information on how your program can cause an assertion failure, see the Visual C++...

Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access

source: https://www.securityfocus.com/bid/8867/info A weakness has been reported in Java implementations that may constitute unauthorized access by Java applets to floppy devices. This weakness appears to present a flaw in the Java security model. This issue was reported in Java Plug-in 1.4.x...

Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access

Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access source: https://www.securityfocus.com/bid/8867/info A weakness has been reported in Java implementations that may constitute unauthorized access by Java applets to floppy devices. This weakness appears to present a flaw in the Java...

Sun JMF unuathorized java applet memory access

Java applet can access system memory...

CVE-2003-0111

The CVE-2003-0111 issue affects the ByteCode Verifier component of Microsoft Virtual Machine (VM) used in Windows/Internet Explorer, specifically build 5.0.3809 and earlier. The underlying flaw is that the VM bytecode verifier fails to properly check certain Java applets, allowing remote attacker...

CVE-2003-0111

The ByteCode Verifier component of Microsoft Virtual Machine VM build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise....

Flaw in Microsoft VM Could Enable System Compromise

TITLE : Microsoft Virtual Machine Bytecode Verifier Vulnerability CRITICAL : Highly critical IMPACT : System access OPERATING SYSTEM: Microsoft Windows 95 Microsoft Windows 98 and 98SE Microsoft Windows Millennium Microsoft Windows NT 4.0, beginning with Service Pack 1 Microsoft Windows 2000...

Microsoft Windows Virtual Machine (VM) ByteCode Verifier fails to properly check Java applets for malicious code

Overview The Microsoft VM bytecode verifier fails to check for certain malicious code in a Java applet. Description The Microsoft VM bytecode verifier fails to check for certain malicious code in a Java applet. If an intruder can convince a victim to run a malicious Java applet, the intruder coul...

MS02-013: Cumulative VM Update (300845)

The Microsoft VM is a virtual machine for the Win32 operating environment. There are numerous security flaws in the remote Microsoft VM that could allow an attacker to execute arbitrary code on this host. To exploit these flaws, an attacker would need to set up a malicious web site with a rogue...