OpenJDK temporary files have guessable file names (6721753)

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknow...

OpenJDK Privilege escalation in command line applications (6733959)

Stack-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with...

JRE allows unauthorized memory read access via a crafted ZIP file

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file...

RedHat Security Advisory RHSA-2009:0377

The remote host is missing updates announced in advisory RHSA-2009:0377. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment JRE contains the software and tools that users need to run applications written using the...

RedHat Security Advisory RHSA-2009:0377

The remote host is missing updates announced in advisory RHSA-2009:0377. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment JRE contains the software and tools that users need to run applications written using the...

java security update

CentOS Errata and Security Advisory CESA-2009:0377 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide th...

RHEL 5 : java-1.6.0-openjdk (RHSA-2009:0377)

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJD...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJD...

OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)

Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to cause a denial of service probably resource consumption for a JAX-WS service endpoint via a connection without...

Ubuntu: Security Advisory (USN-748-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-6128)

The Sun JDK 6 was updated to Update13 to fix various bugs and security issues. CVE-2009-1093: LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier do...

OpenJDK Pack200 Buffer overflow vulnerability (6792554)

Buffer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

OpenJDK Pack200 Buffer overflow vulnerability (6792554)

Integer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

OpenJDK: Type1 font processing buffer overflow vulnerability

Integer signedness error in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and...

Untrusted applet causes DoS by filling up disk space

Sun Java Runtime Environment JRE 1.5.06 and earlier, JDK 1.5.06 and earlier, and SDK 1.5.06 and earlier allows remote attackers to cause a denial of service disk consumption by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory...

OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948...

OpenJDK Pack200 Buffer overflow vulnerability (6792554)

Integer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)

Multiple buffer overflows in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via 1 a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...

OpenJDK GIF processing buffer overflow vulnerability (6804998)

Buffer overflow in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.219 and earlier; and 1.3.124 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998...

CVE-2009-1099

Integer signedness error in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and...