2 matches found
java-1.4.2-ibm: DoS via class file parser in IBM Java 1.4.2.SR13.FP9
The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service memory consumption or an infinite loop via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than...
Java Web Start, arbitrary file creation (6703909)
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909...