2526 matches found
JRE JPEG JFIF Decoder issue (6862969)
Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...
OpenJDK JRE AWT setDifflCM stack overflow (6872357)
Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...
OpenJDK JRE AWT setBytePixels heap overflow (6872358)
Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...
SuSE9 Security Update : IBM Java2 and SDK (YOU Patch Number 12531)
IBM Java 1.4.2 was updated to Service Refresh 13 Fixpack 2 At least following security issues are fixed by this update : - A vulnerability in the Java Runtime Environment JRE with storing temporary font files might allow an untrusted applet or application to consume a disproportionate amount of...
Java Runtime Environment AWT setDiffICM buffer overflow
Added: 11/27/2009 CVE: CVE-2009-3869 BID: 36881 OSVDB: 59710 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in the setDiffICM function of the Abstract Window Toolkit AWT allows command execution when a user loads a...
Java Runtime Environment AWT setDiffICM buffer overflow
Added: 11/27/2009 CVE: CVE-2009-3869 BID: 36881 OSVDB: 59710 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in the setDiffICM function of the Abstract Window Toolkit AWT allows command execution when a user loads a...
Java Runtime Environment AWT setDiffICM buffer overflow
Added: 11/27/2009 CVE: CVE-2009-3869 BID: 36881 OSVDB: 59710 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in the setDiffICM function of the Abstract Window Toolkit AWT allows command execution when a user loads a...
OpenJDK JRE AWT setBytePixels heap overflow (6872358)
Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...
OpenJDK JRE AWT setDifflCM stack overflow (6872357)
Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...
Important: Red Hat Security Advisory: java-1.6.0-openjdk security update
Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJD...
OpenJDK Untrusted applet System properties access (6738524)
The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java Web Start applications, which allows context-dependent attackers to obtain sensiti...
Java Web Start Buffer unpack200 processing integer overflow (6830335)
Integer overflow in the unpack200 utility in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to...
Directory traversal
Directory traversal vulnerability in the ICCProfile.getInstance method in Java Runtime Environment JRE in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium ICC profile files via a .. dot...
CVE-2009-3880
The Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the...
CVE-2009-3728
Directory traversal vulnerability in the ICCProfile.getInstance method in Java Runtime Environment JRE in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium ICC profile files via a .. dot...
CVE-2009-3728
The CVE-2009-3728 entry refers to a directory traversal vulnerability in the ICC_Profile.getInstance method of the Java Runtime Environment (JRE). Affected products include Sun Java SE 5.0 before Update 22 and Java SE 6 before Update 17, as well as OpenJDK. The root cause is an insecure pathname ...
java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)
The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...
CVE-2009-3880
The Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the...
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
Added: 11/06/2009 CVE: CVE-2009-3867 BID: 36881 OSVDB: 59711 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
Added: 11/06/2009 CVE: CVE-2009-3867 BID: 36881 OSVDB: 59711 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...