83 matches found
CVE-2015-1916
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider...
CVE-2015-1916
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider...
CVE-2015-1916
CVE-2015-1916 is an IBM Java SSL/TLS (JSSE) related denial-of-service vulnerability. IBM advisories (e.g., IBMs 734104A523B… and related security bulletins) indicate affected IBM Java SDK/JRE versions used in IBM SAN Volume Controller and Storwize family products. The vulnerability allows a remot...
OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)
A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly...
Oracle Java SE and Jrockit JSSE Subcomponent Denial of Service Vulnerability
Oracle Java SE is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.JRockit is a Java virtual machine built into Oracle Fusion Middleware. A security vulnerability exists in the JSSE subcomponent of Oracle Java SE and Jrockit, whic...
Oracle Java SE 7 < Update 77 Multiple Vulnerabilities
Binary data 8749.prm...
OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)
It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption...
OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)
It was discovered that the TLS/SSL implementation in the JSSE component in OpenJDK failed to properly verify the server identity during the renegotiation following session resumption, making it possible for malicious TLS/SSL servers to perform a Triple Handshake attack against clients using JSSE...
OpenJDK: JSSE denial of service (JSSE, 7186286)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect availability, related to JSSE...
Oracle Java SE Multiple Vulnerabilities -01 Feb 13 (Windows)
This host is installed with Oracle Java SE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboraclejavasemultvuln01feb13win.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Multiple Vulnerabilities -01 Feb 13 Windows Authors: Arun Kallavi Copyright: Copyright c 2013...
OpenJDK: JSSE denial of service (JSSE, 7186286)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect availability, related to JSSE...
OpenJDK: JSSE denial of service (JSSE, 7186286)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect availability, related to JSSE...
HP-UX Update for Java VM (J2SE) or Java Secure Socket Extension (JSSE) Software HPSBUX00280
Check for the Version of Java VM J2SE or Java Secure Socket Extension JSSE Software OpenVAS Vulnerability Test HP-UX Update for Java VM J2SE or Java Secure Socket Extension JSSE Software HPSBUX00280 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
HP-UX Update for Java VM (J2SE) or Java Secure Socket Extension (JSSE) Software HPSBUX00280
Check for the Version of Java VM J2SE or Java Secure Socket Extension JSSE Software OpenVAS Vulnerability Test HP-UX Update for Java VM J2SE or Java Secure Socket Extension JSSE Software HPSBUX00280 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition
The Java Secure Socket Extension JSSE in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.211 through 1.4.214, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service CPU consumption via certain SSL/TLS handshake...
Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition
The Java Secure Socket Extension JSSE in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.211 through 1.4.214, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service CPU consumption via certain SSL/TLS handshake...
CVE-2007-3698
The Java Secure Socket Extension JSSE in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.211 through 1.4.214, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service CPU consumption via certain SSL/TLS handshake...
Design/Logic Flaw
The Java Secure Socket Extension JSSE in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.211 through 1.4.214, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service CPU consumption via certain SSL/TLS handshake...
CVE-2004-2393
Java Secure Socket Extension JSSE 1.0.3 through 1.0.32 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS...
CVE-2004-2393
Java Secure Socket Extension JSSE 1.0.3 through 1.0.32 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS...