
648 matches found

Zero Day Initiative
added 2013/10/16 12:0 a.m. | 48 views

Oracle Java LDAP Deserialization Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of LDAP...

10 CVSS | 3.5 AI score | 0.06355 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2013/09/04 12:0 a.m. | 255 views

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-185)

Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-1569, CVE-2013-2383, CVE-2013-2384 Multiple improper permission check issues were...

10 CVSS | 7.7 AI score | 0.86252 EPSS
Exploits: 15 | References: 21
Tenable Nessus
added 2013/09/04 12:0 a.m. | 66 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-156)

Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2013-0442, CVE-2013-0445, CVE-2013-0441, CVE-2013-1475,...

10 CVSS | 7.9 AI score | 0.91543 EPSS
Exploits: 10 | References: 9
Tenable Nessus
added 2013/09/04 12:0 a.m. | 42 views

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-163)

An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. CVE-2013-1486 It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted...

10 CVSS | 6.6 AI score | 0.01171 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2013/09/04 12:0 a.m. | 41 views

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-88)

Multiple flaws were discovered in the CORBA Common Object Request Broker Architecture implementation in Java. A malicious Java application or applet could use these flaws to bypass Java sandbox restrictions or modify immutable object data. CVE-2012-1711, CVE-2012-1719 It was discovered that the...

10 CVSS | 8.6 AI score | 0.94083 EPSS
Exploits: 9 | References: 8
Tenable Nessus
added 2013/09/04 12:0 a.m. | 35 views

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-136) (ROBOT)

Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2012-5086, CVE-2012-5084, CVE-2012-5089 Multiple improper permission check issues...

10 CVSS | 8.2 AI score | 0.757 EPSS
Exploits: 1 | References: 10
Tenable Nessus
added 2013/09/04 12:0 a.m. | 43 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2012-137) (ROBOT)

Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2012-5086, CVE-2012-5084, CVE-2012-5089 Multiple improper permission check issues...

10 CVSS | 8.2 AI score | 0.757 EPSS
Exploits: 1 | References: 10
Exploit DB
added 2013/08/19 12:0 a.m. | 69 views

Java - 'storeImageArray()' Invalid Array Indexing (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 false def initialize inf...

10 CVSS | 8.1 AI score | 0.9322 EPSS
Exploits: 10
Metasploit
added 2013/08/15 11:34 p.m. | 60 views

Java storeImageArray() Invalid Array Indexing Vulnerability

This module abuses an Invalid Array Indexing Vulnerability on the static function storeImageArray function in order to cause a memory corruption and escape the Java Sandbox. The vulnerability affects Java version 7u21 and earlier. The module, which doesn't bypass click2play, has been tested...

9.8 CVSS | 7.9 AI score | 0.9322 EPSS
Exploits: 10
Tenable Nessus
added 2013/07/28 12:0 a.m. | 34 views

Debian DSA-2727-1 : openjdk-6 - several vulnerabilities

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

10 CVSS | 7.9 AI score | 0.9322 EPSS
Exploits: 23 | References: 29
Debian
added 2013/07/25 9:11 p.m. | 60 views

[SECURITY] [DSA 2727-1] openjdk-6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2727-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 25, 2013 http://www.debian.org/security/faq -...

10 CVSS | 8.7 AI score | 0.9322 EPSS
Exploits: 23
OpenVAS
added 2013/07/25 12:0 a.m. | 29 views

Debian Security Advisory DSA 2727-1 (openjdk-6 - several vulnerabilities)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. OpenVAS Vulnerability Test $Id: deb2727.nasl 6611 2017-07-07 12:07:20Z...

10 CVSS | 0.9 AI score | 0.9322 EPSS
Exploits: 23 | References: 1
OSV
added 2013/07/25 12:0 a.m. | 25 views

DSA-2727-1 openjdk-6 - several

Bulletin has no description...

10 CVSS | 9.8 AI score | 0.9322 EPSS
Exploits: 23
RedHat Linux
added 2013/07/16 5:12 p.m. | 0 views

OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2...

10 CVSS | 6.8 AI score | 0.40067 EPSS
Exploits: 4 | References: 5
Mageia
added 2013/07/16 7:26 a.m. | 55 views

Updated java-1.6.0-openjdk packages fix security vulnerabilities

Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption CVE-2013-2470, CVE-2013-2471, CVE-2013-2472...

10 CVSS | 1.9 AI score | 0.9322 EPSS
Exploits: 23 | References: 7
OpenVAS
added 2013/07/14 12:0 a.m. | 19 views

Debian: Security Advisory (DSA-2722-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS | 8.4 AI score | 0.9322 EPSS
Exploits: 32 | References: 5
Tenable Nessus
added 2013/07/12 12:0 a.m. | 37 views

Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2012-1223)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-1223 advisory. 1.7.0.5-2.2.1.0.1.el63.3 - Modify DISTRONAME for Oracle 1.7.0.5-2.2.1.el6.3 - Removed patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch -...

10 CVSS | 8.7 AI score | 0.9414 EPSS
Exploits: 10 | References: 5
OpenVAS
added 2013/06/24 12:0 a.m. | 36 views

RedHat Update for java-1.7.0-openjdk RHSA-2013:0957-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...

10 CVSS | 8.2 AI score | 0.9322 EPSS
Exploits: 32 | References: 4
Tenable Nessus
added 2013/06/21 12:0 a.m. | 40 views

Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20130620)

Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-2470, CVE-2013-2471, CVE-2013-247...

10 CVSS | 8 AI score | 0.9322 EPSS
Exploits: 32 | References: 30
NVD
added 2013/06/18 10:55 p.m. | 22 views

CVE-2013-2470

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2...

10 CVSS | 8.1 AI score | 0.54412 EPSS
Exploits: 4 | References: 31