CVE-2004-1029

The Sun Java Plugin capability in Java 2 Runtime Environment JRE 1.4.201, 1.4.204, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using th...

DOS against Java JNDI/DNS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iKu Advisory Product : Java Runtime Environment Date : November 8th 2004 Affected versions : 1.4.2, 1.5.0, probably more Vulnerability Type : remote denial of service Severity 1-10 : 3 Remote : yes 0. contents 1. problem description 2. symptoms 3. bug...

Sun Java Runtime Environment 1.4.x - Font Object Assertion Failure Denial of Service

Sun Java Runtime Environment 1.4.x - Font Object Assertion Failure Denial of Service source: https://www.securityfocus.com/bid/10623/info The Sun Java Runtime Environment Font object is reportedly vulnerable to an assertion failure denial of service vulnerability. This issue is due to a failure o...

Sun Java Runtime Environment 1.4.x - Font Object Assertion Failure Denial of Service

source: https://www.securityfocus.com/bid/10623/info The Sun Java Runtime Environment Font object is reportedly vulnerable to an assertion failure denial of service vulnerability. This issue is due to a failure of the process to handle exceptional conditions when processing font objects. This iss...

Sun Java Runtime Environment vulnerable to DoS

Overview The Sun Java Runtime Environment JRE contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service condition in the Java Virtual Machine JVM. Description The Sun Java Runtime Environment provides the libraries and components necessary to run...

CVE-2003-1123

Sun Java Runtime Environment JRE and SDK 1.4.001 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model...

CVE-2003-1301

Sun Java Runtime Environment JRE 1.x before 1.4.211 and 1.5.x before 1.5.006, and as used in multiple web browsers, allows remote attackers to cause a denial of service application crash via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid...

CVE-2003-1156

Java Runtime Environment JRE and Software Development Kit SDK 1.4.2 through 1.4.202 allows local users to overwrite arbitrary files via a symlink attack on 1 unpack.log, as created by the unpack program, or 2 .mailcap1 and .mime.types1, as created by the RPM program...

Multiple jre/jdk installation symbolic link bugs

No description provided...

Sun Java Runtime Environment allows untrusted applets to access information within trusted applets

Overview The Sun Java Runtime Environment JRE contains a vulnerability that may lead to sensitive information being leaked. Description Sun Microsystems describes the Sun JRE as follows:The Java RE provides the libraries, Java virtual machine, and other components necessary for you to run applets...

Sun JRE/SDK 1.x - Untrusted Applet Java Security Model Violation

source: https://www.securityfocus.com/bid/7824/info It has been reported that the Sun Java Runtime Environment does not properly protect trusted java applets. Because of this, it may be possible for an attacker to use a malicious applet to gain access to sensitive information. / Proof-Of-Concept:...

Sun JRESDK 1.x - Untrusted Applet Java Security Model Violation

Sun JRESDK 1.x - Untrusted Applet Java Security Model Violation source: https://www.securityfocus.com/bid/7824/info It has been reported that the Sun Java Runtime Environment does not properly protect trusted java applets. Because of this, it may be possible for an attacker to use a malicious...

CVE-2002-0076

CVE-2002-0076 affects the Java Runtime Environment (JRE) Bytecode Verifier. The verifier flaw allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation. Affected are Microsoft VM builds up to 3802 (Internet Explorer 4.x/5.x) and Net...

CVE-2002-0076

Java Runtime Environment JRE Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in 1 Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, 2 Netscape 6.2.1 and earlier, and...

CVE-2002-0076

Java Runtime Environment JRE Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in 1 Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, 2 Netscape 6.2.1 and earlier, and...

Security Bulletin #00218

Courtesy of Sun Microsystems. -----BEGIN PGP SIGNED MESSAGE----- Sun Microsystems, Inc. Security Bulletin Bulletin Number: 00218 Date: March 18, 2002 Cross-Ref: Title: Bytecode Verifier The information contained in this Security Bulletin is provided "AS IS." Sun makes no warranties of any kind...

CVE-2002-0058

Vulnerability in Java Runtime Environment JRE allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in 1 Netscape 6.0 through 6.1 and 4.79 and earlier, 2 Microsoft VM...

CVE-2002-0058

Vulnerability in Java Runtime Environment JRE allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in 1 Netscape 6.0 through 6.1 and 4.79 and earlier, 2 Microsoft VM...

CVE-2002-0058

CVE-2002-0058 describes a vulnerability in the Java Runtime Environment where a web applet could abuse an HTTP proxy to hijack or sniff a client’s session by redirecting traffic to another server. Affected: Netscape 6.x (6.0–6.1) and 4.79 and earlier, and Microsoft VM builds 3802 and earlier (IE ...

CVE-2001-1480

Java Runtime Environment JRE and SDK 1.2 through 1.3.004 allows untrusted applets to access the system clipboard...