CVE-2003-1301

Sun Java Runtime Environment JRE 1.x before 1.4.211 and 1.5.x before 1.5.006, and as used in multiple web browsers, allows remote attackers to cause a denial of service application crash via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid...

Multiple jre/jdk installation symbolic link bugs

No description provided...

Sun Java Runtime Environment allows untrusted applets to access information within trusted applets

Overview The Sun Java Runtime Environment JRE contains a vulnerability that may lead to sensitive information being leaked. Description Sun Microsystems describes the Sun JRE as follows:The Java RE provides the libraries, Java virtual machine, and other components necessary for you to run applets...

Sun JRE/SDK 1.x - Untrusted Applet Java Security Model Violation

source: https://www.securityfocus.com/bid/7824/info It has been reported that the Sun Java Runtime Environment does not properly protect trusted java applets. Because of this, it may be possible for an attacker to use a malicious applet to gain access to sensitive information. / Proof-Of-Concept:...

Sun JRESDK 1.x - Untrusted Applet Java Security Model Violation

Sun JRESDK 1.x - Untrusted Applet Java Security Model Violation source: https://www.securityfocus.com/bid/7824/info It has been reported that the Sun Java Runtime Environment does not properly protect trusted java applets. Because of this, it may be possible for an attacker to use a malicious...

CVE-2002-0076

CVE-2002-0076 affects the Java Runtime Environment (JRE) Bytecode Verifier. The verifier flaw allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation. Affected are Microsoft VM builds up to 3802 (Internet Explorer 4.x/5.x) and Net...

CVE-2002-0076

Java Runtime Environment JRE Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in 1 Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, 2 Netscape 6.2.1 and earlier, and...

CVE-2002-0076

Java Runtime Environment JRE Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in 1 Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, 2 Netscape 6.2.1 and earlier, and...

Security Bulletin #00218

Courtesy of Sun Microsystems. -----BEGIN PGP SIGNED MESSAGE----- Sun Microsystems, Inc. Security Bulletin Bulletin Number: 00218 Date: March 18, 2002 Cross-Ref: Title: Bytecode Verifier The information contained in this Security Bulletin is provided "AS IS." Sun makes no warranties of any kind...

CVE-2002-0058

Vulnerability in Java Runtime Environment JRE allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in 1 Netscape 6.0 through 6.1 and 4.79 and earlier, 2 Microsoft VM...

CVE-2002-0058

CVE-2002-0058 describes a vulnerability in the Java Runtime Environment where a web applet could abuse an HTTP proxy to hijack or sniff a client’s session by redirecting traffic to another server. Affected: Netscape 6.x (6.0–6.1) and 4.79 and earlier, and Microsoft VM builds 3802 and earlier (IE ...

CVE-2002-0058

Vulnerability in Java Runtime Environment JRE allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in 1 Netscape 6.0 through 6.1 and 4.79 and earlier, 2 Microsoft VM...

CVE-2001-1480

Java Runtime Environment JRE and SDK 1.2 through 1.3.004 allows untrusted applets to access the system clipboard...

Security Bulletin #00208

Sun Microsystems, Inc. Security Bulletin Bulletin Number: 00208 Date: October 22, 2001 Cross-Ref: Title: Swing The information contained in this Security Bulletin is provided "AS IS." Sun makes no warranties of any kind whatsoever with respect to the information contained in this Security Bulleti...

The Simple Server HTTPd Directory Traversal

Introduction: The Simple Server is a User-Friendly Web Server that handles HTTP requests. It is Windows based and extremely convenient to configure and is coded in Java. It requires the Java Runtime Environment package in order for the program to be able to execute. Please note this program isn't...

Security Bulletin #00201

Sun Microsystems, Inc. Security Bulletin Bulletin Number: 00201 Date: February 21, 2001 Cross-Ref: Title: Java Runtime Environment unauthorized command execution The information contained in this Security Bulletin is provided "AS IS." Sun makes no warranties of any kind whatsoever with respect to...

CVE-2000-1099

CVE-2000-1099 affects the Java Runtime Environment in JDK 1.2.2_05 and earlier . The vulnerability allows an untrusted Java class to call into a disallowed class, potentially allowing sandbox escape and unauthorized activities. The available documents do not provide a specific patch version or re...

CVE-2000-1099

Java Runtime Environment in Java Development Kit JDK 1.2.205 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities...

CVE-2000-1099

Java Runtime Environment in Java Development Kit JDK 1.2.205 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities...