546 matches found
OpenJDK: newline injection in the FTP client (Networking, 8170222)
A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application...
OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)
It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with...
OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)
A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication...
OpenJDK: newline injection in the SMTP client (Networking, 8171533)
A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application...
OpenJDK: newline injection in the FTP client (Networking, 8170222)
A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application...
Updated java-1.8.0-openjdk packages fix security vulnerability
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges CVE-2017-3511. It was found that the JAXP component of...
OpenJDK: newline injection in the SMTP client (Networking, 8171533)
A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application...
OpenJDK: newline injection in the FTP client (Networking, 8170222)
A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application...
OpenJDK: newline injection in the FTP client (Networking, 8170222)
A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application...
OpenJDK: newline injection in the SMTP client (Networking, 8171533)
A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application...
OpenJDK: newline injection in the FTP client (Networking, 8170222)
A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application...
OpenJDK: newline injection in the SMTP client (Networking, 8171533)
A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application...
OpenJDK: newline injection in the FTP client (Networking, 8170222)
A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application...
OpenJDK: newline injection in the SMTP client (Networking, 8171533)
A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application...
OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)
It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL...
CVE-2017-2351
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WiFi" component, which allows physically proximate attackers to bypass the activation-lock protection mechanism and view the home screen via unspecified vectors...
Critical: java-1.7.0-openjdk
Issue Overview: It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. Th...
java security update
CentOS Errata and Security Advisory CESA-2017:0269 An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common...
OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)
It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL...
Vulnerability of the Java Platform software platform, which allows a perpetrator to gain access to data for reading purposes
The vulnerability of the Networking component of the Java Platform is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to data through network packets...