VulnCheck KEV: CVE-2012-4681

The Java Runtime Environment JRE component in Oracle Java SE allow for remote code execution...

CVE-2012-4681

Multiple vulnerabilities in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by 1 using com.sun.beans.finder.ClassFinder.findClass and leveraging an...

FireEye spotted Critical 0-day vulnerability in Java Runtime Environment

FireEye's Malware Intelligence Lab is making the claim that there is a new zero day vulnerability in the wild that affects the latest version of Java.Researcher. Atif Mushtaq wrote on the company's blog that he spotted the initial exploit on a domain that pointed to an IP address in China. The...

Oracle Java JRE 1.7 Expression.execute() and SunToolkit.getField() fail to restrict access to privileged code

Overview Oracle Java Runtime Environment JRE 1.7 contains a vulnerability that may allow an applet to call setSecurityManager in a way that allows setting of arbitrary permissions. Description The Oracle Java Runtime Environment JRE 1.7 allows users to run Java applications in a browser or as...

Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities - Windows

Oracle Java SE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Java Runtime Environment Unspecified Vulnerability - Windows

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : jdk (java) on SL5.x i386/x86_64

A flaw in the applet caching mechanism of the Java Runtime Environment JRE did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from. CVE-2007-5232...

Scientific Linux Security Update : tzdata on SL3.x, SL4.x, SL5.x i386/x86_64

This updated package addresses the following change to Daylight Saving Time DST observations : - although DST was previously announced as beginning in Pakistan on 2010-01-04, it has now been confirmed Pakistan will not observe any DST in 2010. BZ577710, BZ577835, BZ577837 - after observing DST as...

Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64 (20120214)

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could u...

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Integer overflow flaws were found in the way Java2D parsed JPEG images and user-supplied fonts. An attacker could use these flaws to execute arbitrary code with the privileges of the user...

CentOS Update for java CESA-2012:0729 centos6

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2012:0729 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CentOS Update for java CESA-2011:1380 centos5 x86_64

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2011:1380 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.235 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availabili...

OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.235 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality an...

OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.235 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality,...

OpenJDK: mutable repository identifiers (CORBA, 7110704)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.235 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via...

CentOS 6 : java-1.7.0-openjdk (CESA-2012:1009)

Updated java-1.7.0-openjdk packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detaile...

RedHat Update for java-1.6.0-openjdk RHSA-2012:0135-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.237 and earlier allows remote attackers to affect integrity, related to CORBA...

OpenJDK: insufficient field accessibility checks (HotSpot, 7152811)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.237 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to...