2526 matches found
CVE-2008-1195
CVE-2008-1195 is described as an unspecified vulnerability in Sun JDK/JRE 6 Update 4 and earlier; 5.0 Update 14 and earlier; and SDK/JRE 1.4.2_16 and earlier, where remote attackers could use JavaScript/Java API vectors to access local network services. Red Hat advisories referencing this CVE (e....
CVE-2008-1193
CVE-2008-1193 concerns the Java Runtime Environment Image Parsing Library in Sun JDK/JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier. A remote untrusted application could gain privileges due to flaws in the image parsing library, as described in SUSE/Red Hat advisories linked to the CVE...
CVE-2008-1185
CVE-2008-1185 refers to an unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK across multiple legacy versions: JRE/JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier. The description states that remote attackers could gain privileges via a...
CVE-2008-1187
CVE-2008-1187 affects Sun Java Runtime Environment (JRE) and JDK family prior to several updates (J2SE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier). The vulnerability is described as unspecified, allowing remote attackers to cause a denial of service (JRE c...
CVE-2008-1187
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
CVE-2008-1186
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.216 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue....
CVE-2008-1195
Unspecified vulnerability in Sun JDK and Java Runtime Environment JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java AP...
Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow
Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow source: https://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. A...
Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow
source: https://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with the...
Moderate: Red Hat Security Advisory: java-1.5.0-bea security update
Updated java-1.5.0-bea packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The BEA WebLogic JRockit 1.5.014 JRE and SDK conta...
Security Vulnerability in Java Runtime Environment With Applet Caching
Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound...
Anti-DNS Pinning and Java Applets with HTTP proxy
Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
SOL8424 - Java Runtime Environment Vulnerability - CVE-2008-0657
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges through an untrusted application or applet, as demonstrated by an application or applet that grants...
java-1.5.0 Privilege escalation via unstrusted applet and application
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted 1 application or 2 applet, as demonstrated by an application or applet that grants...
Critical: Red Hat Security Advisory: java-1.5.0-sun security update
Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...
CVE-2008-0628
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity XXE attacks and cause a denial of service or acces...
CVE-2008-0628
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity XXE attacks and cause a denial of service or acces...
CVE-2008-0628
CVE-2008-0628 affects Sun Java Runtime Environment (JRE/JDK) 6 Update 3 and earlier. The XML parsing code processes external entity references even when the “external general entities” property is false, enabling an XXE attack that can cause denial of service or allow access to restricted resourc...
Sun Java运行时环境XML处理绕过安全限制漏洞
BUGTRAQ ID: 27553 Solaris系统的Java运行时环境(JRE)为JAVA应用程序提供可靠的运行环境。 JRE在处理外部实体引用时存在漏洞,攻击者可能利用此漏洞通过诱使用户处理恶意XML文档访问某些URL或导致拒绝服务。 默认下Java运行时环境(JRE)允许处理外部实体引用。如果要禁止处理外部实体引用,站点可以将external general entities属性设置为FALSE。JRE中的漏洞允许即使在将external general...