Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.7. Mac OS X 10.5.7 contains security fixes for the following products : - Apache - ATS - BIND - CFNetwork - CoreGraphics - Cscope - CUPS - Disk Images - enscript - Flash Player plug-in - Help Viewer - iChat -...

Mac OS X Multiple Vulnerabilities (Security Update 2009-002)

The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2009-002 applied. This security update contains fixes for the following products : - Apache - ATS - BIND - CoreGraphics - Cscope - CUPS - Disk Images - enscript - Flash Player plug-in - Help Viewer - IPSec -...

CVE-2009-0194

The domain-locking implementation in the GARMINAXCONTROL.GarminAxControlt.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that 1 download and 2 upload requests come from a web site specified by the user, which allows remote...

CVE-2009-0194

The domain-locking implementation in the GARMINAXCONTROL.GarminAxControlt.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that 1 download and 2 upload requests come from a web site specified by the user, which allows remote...

CVE-2009-0194

CVE-2009-0194 affects Garmin Communicator Plug-In 2.6.4.0 (npGarmin.dll, GARMINAXCONTROL.GarminAxControl_t.1 ActiveX). The domain-locking mechanism does not properly enforce that download/upload requests originate from a user-specified site, enabling a synchronisation error that can lead to unaut...

HP-UX Update for Java Plug-In (JPI) HPSBUX01100

Check for the Version of Java Plug-In JPI OpenVAS Vulnerability Test HP-UX Update for Java Plug-In JPI HPSBUX01100 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

HP-UX Update for Java Plug-In (JPI) HPSBUX01100

Check for the Version of Java Plug-In JPI OpenVAS Vulnerability Test HP-UX Update for Java Plug-In JPI HPSBUX01100 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Java WebStart unprivileged local file and network access

Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors...

Java WebStart privilege escalation

Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors,...

CVE-2009-1016

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the...

Stack overflow

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the...

openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-6125)

The Sun JDK 5 was updated to Update18 to fix various bugs and security issues. CVE-2009-1093: LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier do...

Sun Java JRE Multiple Vulnerabilities (254569 / 254611 / 254608 ..)

The version of Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 13 / 5.0 Update 18 / 1.4.220 / 1.3.125. Such versions are potentially affected by the following security issues : - A denial of service vulnerability affects the JRE LDAP implementation. 254569. ...

OpenJDK: Intended access restrictions bypass via LiveConnect (6724331)

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; and 1.4.219 and earlier does not prevent Javascript that is loaded from the localhost from connecting to other ports on the system, which allows user-assisted...

OpenJDK: Signed applet remote misuse possibility (6782871)

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing...

OpenJDK: Files disclosure, arbitrary code execution via "deserializing applets" (6646860)

Unspecified vulnerability in the Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.219 and earlier; and 1.3.124 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors...

OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948...

OpenJDK: Files disclosure, arbitrary code execution via "deserializing applets" (6646860)

Unspecified vulnerability in the Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.219 and earlier; and 1.3.124 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors...

Design/Logic Flaw

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948...

Design/Logic Flaw

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490...