297 matches found
CVE-2003-1516
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.201 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet...
CVE-2003-1521
Sun Java Plug-In 1.4 through 1.4.202 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model...
DATEV Nutzungskontrolle 2.12.2 - Unauthorized Access
DATEV Nutzungskontrolle 2.12.2 - Unauthorized Access source: https://www.securityfocus.com/bid/8950/info It has been reported that DATEV Nutzungskontrolle may be prone to a access validation issue that may allow a local attacker to gain access to sensitive data. The issue presents itself as a loc...
DATEV Nutzungskontrolle 2.1/2.2 - Unauthorized Access
source: https://www.securityfocus.com/bid/8950/info It has been reported that DATEV Nutzungskontrolle may be prone to a access validation issue that may allow a local attacker to gain access to sensitive data. The issue presents itself as a local user is able modify certain keys in the Windows...
Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention
source: https://www.securityfocus.com/bid/8879/info A vulnerability has been identified in the Sun Java Virtual Machine packaged with JRE and SDK. This issue results in the circumvention of the Java Security Model, and can permit an attacker to execute arbitrary code on vulnerable hosts. import...
Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention
Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention source: https://www.securityfocus.com/bid/8879/info A vulnerability has been identified in the Sun Java Virtual Machine packaged with JRE and SDK. This issue results in the circumvention of the Java Security Model, and can...
Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access
source: https://www.securityfocus.com/bid/8867/info A weakness has been reported in Java implementations that may constitute unauthorized access by Java applets to floppy devices. This weakness appears to present a flaw in the Java security model. This issue was reported in Java Plug-in 1.4.x...
CVE-2003-0664
Microsoft Word 2002, 2000, 97, and 98J does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document...
Sun Java Runtime Environment allows untrusted applets to access information within trusted applets
Overview The Sun Java Runtime Environment JRE contains a vulnerability that may lead to sensitive information being leaked. Description Sun Microsystems describes the Sun JRE as follows:The Java RE provides the libraries, Java virtual machine, and other components necessary for you to run applets...
CVE-2002-0617
CVE-2002-0617 affects Microsoft Excel 2000 and 2002 on Windows. The vulnerability allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, known as the Hyperlinked Excel Workbook ...
CVE-2002-0618
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution"...
CVE-2002-0617
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass."...
CVE-1999-1262
Technical details about CVE-1999-1262 are not publicly available in the provided connected documents. Monitor for updates.
Opera 5.0/5.1 - Same Origin Policy Circumvention
source: https://www.securityfocus.com/bid/3553/info Opera is a popular, freely available web browser that is supported across many different platforms. Opera is prone to an issue which may allow for the execution of script code across domains, allowing for circumvention of the web browser's...
Многочисленные уязвимости в Firewall-1
Уязвимости разного вида вызванные недостатками модели безопасности...
CVE-2000-0563
The URLConnection function in MacOS Runtime Java MRJ 2.1 and earlier and the Microsoft virtual machine VM for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model...
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - Privileged Program Debugging
// source: https://www.securityfocus.com/bid/869/info Unixware's security model includes the concept of privileges. These can be assigned to processes and allow them to perform tasks that otherwise could only be performed by the root user. They allow programs to run with the minimum required...