OpenJDK Swing timer-based security manager bypass (6907662)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, an...

OpenJDK Launcher incorrect processing of empty library path entries (6983554)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.229 and earlier for Solaris and Linux allows local standalone applications to affect...

JDK unspecified vulnerability in Sound component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...

JDK unspecified vulnerability in Sound component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and...

JDK unspecified vulnerability in Sound component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and...

JDK unspecified vulnerability in Sound component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.229 and earlier for Windows allows remote untrusted Java Web Start applications and...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Deployment component in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown...

Sun Java Applet2ClassLoader Remote Code Execution

This module exploits a vulnerability in the Java Runtime Environment that allows an attacker to run an applet outside of the Java Sandbox. When an applet is invoked with: 1. A "codebase" parameter that points at a trusted directory 2. A "code" parameter that is a URL that does not contain any...

Sun Java Applet2ClassLoader - Remote Code Execution (Metasploit)

$Id: javacodebasetrust.rb 11983 2011-03-16 05:01:29Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Sun Java Applet2ClassLoader Remote Code Execution Exploit

$Id: javacodebasetrust.rb 11983 2011-03-16 05:01:29Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7348)

IBM Java 1.4.2 SR13 was updated to FP8 to fix various bugs and security issues. The following security issues were fixed : - The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other...

SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4024)

IBM Java 1.4.2 SR13 was updated to FP8 to fix various bugs and security issues. The following security issues were fixed : - The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other...

IBM Tivoli vulnerable to denial-of-service (DoS)

Overview IBM Tivoli contains a denial-of-service DoS vulnerability. IBM Tivoli contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. A wide range of products are affected. For more information, refer to the vendor's website. Impact A remote attacker may...

JVN#81294135: IBM Tivoli vulnerable to denial-of-service (DoS)

IBM Tivoli contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. Impact A remote attacker may cause a denial-of-service DoS. Solution Apply a patch Apply the appropriate patch according to the information provided by the developer. Products Affected A wid...

JDK Double.parseDouble Denial-Of-Service

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...

IBM DB2 vulnerable to denial-of-service (DoS)

Overview IBM DB2 contains a denial-of-service DoS vulnerability. IBM DB2 contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. Impact An attacker that can create or execute stored procedures may cause a denial-of-service DoS. Solution Apply a workaround...

IBM WebSphere Application Server vulnerable to denial-of-service (DoS)

Overview IBM WebSphere Application Server WAS contains a denial-of-service DoS vulnerability. IBM WebSphere Application Server contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. According to the developer: " For other IBM software products that contain...