Lucene search
K

29 matches found

RedHat Linux
RedHat Linux
added 2009/01/13 9:39 p.m.7 views

Java Web Start exposes username and the pathname of the JWS cache

Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071...

5CVSS7.1AI score0.03013EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/01/13 9:39 p.m.6 views

OpenJDK Denial-Of-Service in kerberos authentication (6588160)

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service OS resource consumption via...

7.1CVSS7.2AI score0.04306EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/01/13 9:33 p.m.8 views

Java Web Start File Inclusion via System Properties Override

Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the 1 java.home, 2 java.ext.dirs, or 3 user.home System...

9.3CVSS7.6AI score0.07319EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/12/04 3:45 p.m.6 views

Java WebStart allows hidden code privilege escalation

Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF an...

9CVSS7.2AI score0.05093EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/12/04 3:45 p.m.7 views

Java Web Start File Inclusion via System Properties Override

Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the 1 java.home, 2 java.ext.dirs, or 3 user.home System...

9.3CVSS7.6AI score0.07319EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/08/13 2:18 p.m.5 views

OpenJDK JMX allows illegal operations with local monitoring (6332953)

Unspecified vulnerability in the Java Management Extensions JMX management agent in Sun Java Runtime Environment JRE in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthorized operations" via...

9.3CVSS7.4AI score0.05043EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/11/26 4:37 p.m.7 views

Vulnerabilities in Java Web Start allow to determine the location of the Java Web Start cache

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.215 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information the Java Web...

2.6CVSS5.8AI score0.02663EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/08/07 7:36 p.m.7 views

javaws vulnerabilities

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to...

10CVSS5.9AI score0.04959EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/01/24 12:0 a.m.9 views

security flaw

Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 6 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...

4.3CVSS5.8AI score0.02311EPSS
Exploits0References4
Rows per page
Query Builder