392 matches found
Java-Applet crashes Opera 6.05 and 7.01
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory Beauchamp Security: Java-Applet crashes Opera 6.05 and 7.01 Applet crashes Opera 6.05 and 7.01 =================================================== Vendor: Opera Versions affected: Opera 6.05 / 7.01 Date: 3rd February 2003 Type of...
beauchamp02032003.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory Beauchamp Security: Java-Applet crashes Opera 6.05 and 7.01 Applet crashes Opera 6.05 and 7.01 =================================================== Vendor: Opera Versions affected: Opera 6.05 / 7.01 Date: 3rd February 2003 Type of...
Opera 6.0/7.0 - opera.PluginContext Native Method Denial of Service
source: https://www.securityfocus.com/bid/6814/info Opera ships with a trusted Java class 'opera.PluginContext' that includes a native method that is reportedly prone to denial of service attacks. It is possible for a malicious Java applet to trigger this condition to cause a denial of service...
Opera 6.07.0 - opera.PluginContext Native Method Denial of Service
Opera 6.07.0 - opera.PluginContext Native Method Denial of Service source: https://www.securityfocus.com/bid/6814/info Opera ships with a trusted Java class 'opera.PluginContext' that includes a native method that is reportedly prone to denial of service attacks. It is possible for a malicious Ja...
CVE-2002-1325
Microsoft Virtual Machine VM build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."...
CVE-2002-1258
Two vulnerabilities in Microsoft Virtual Machine VM up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error...
CVE-2002-1257
Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM Component Object Model objects in a web site or an HTML mail...
CVE-2002-1258
Two vulnerabilities in Microsoft Virtual Machine VM up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error...
CVE-2002-1258
CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...
CVE-2002-0867
Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to cause a denial of service crash in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."...
CVE-2002-0866
Java Database Connectivity JDBC classes in Microsoft Virtual Machine VM up to and including 5.0.3805 allow remote attackers to load and execute DLLs dynamic link libraries via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string,...
CVE-2002-0058
CVE-2002-0058 describes a vulnerability in the Java Runtime Environment where a web applet could abuse an HTTP proxy to hijack or sniff a client’s session by redirecting traffic to another server. Affected: Netscape 6.x (6.0–6.1) and 4.79 and earlier, and Microsoft VM builds 3802 and earlier (IE ...
Security Bulletin MS02-013
---------------------------------------------------------------------- Title: Java Applet Can Redirect Browser Traffic Date: 04 March 2002 Software: Microsoft Virtual Machine Impact: Information Disclosure Max Risk: Critical Bulletin: MS02-013 Microsoft encourages customers to review the Security...
Доступ к буфферу обмена из Java (unauthorized access)
Неподписанный java-апплет может получить доступ к содержимому буффера обменаю...
CVE-2001-1254
Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing...
Microsoft Windows 982000 - UDP Socket Denial of Service
Microsoft Windows 982000 - UDP Socket Denial of Service source: https://www.securityfocus.com/bid/2340/info Microsoft Windows 2000 and 98 are subject to a denial of service condition. Receiving a maliciously crafted email or visiting a malicious web site could prevent Windows 2000 from DNS...
Netscape Java Security Manager fails to prevent URLConnections through netscape.net.URLConnection Class
Overview Netscape Communicator and Navigator ship with Java classes that allow an unsigned Java applet to access local and remote resources in violation of the security policies for applets. Description Failures in the netscape.net package permit a Java applet to read files from the local file...
Security Bulletin (MS00-081)
Microsoft Security Bulletin MS00-081 - -------------------------------------- Patch Available for New Variant of "VM File Reading" Vulnerability Originally posted: October 25, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in the Microsoftr virtual...
CVE-2000-0676
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice...
Microsoft Virtual Machine - Arbitrary Java Codebase Execution
Microsoft Virtual Machine - Arbitrary Java Codebase Execution source: https://www.securityfocus.com/bid/1812/info An attacker may gain read access on remote systems by specifying a custom codebase in a Java applet, and delivering to the victims via HTML email or a website. Any arbitrary codebase...