
4165 matches found

NVD
added 2012/02/15 10:55 p.m. | 16 views

CVE-2012-0505

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality,...

7.5 CVSS | 8.1 AI score | 0.01983 EPSS
Exploits: 1 | References: 29

Prion
added 2012/02/15 10:55 p.m. | 14 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality,...

7.5 CVSS | 7.9 AI score | 0.01983 EPSS
Exploits: 1 | References: 29 | Affected Software: 1

CVE
added 2012/02/15 10:0 p.m. | 198 views

CVE-2012-0505

CVE-2012-0505 is described as an unspecified vulnerability in the Java Runtime Environment (JRE) component of Oracle Java SE 7 Update 2 and earlier, Java SE 6 Update 30 and earlier, Java SE 5 Update 33 and earlier, and 1.4.2_35 and earlier. It is associated with unknown attack vectors related to ...

7.5 CVSS | 8.2 AI score | 0.01983 EPSS
Exploits: 1 | References: 29 | Affected Software: 1

UbuntuCve
added 2012/02/15 12:0 a.m. | 30 views

CVE-2012-0505

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality,...

7.5 CVSS | 7.2 AI score | 0.01983 EPSS
Exploits: 1 | References: 3

Tenable Nessus
added 2012/02/10 12:0 a.m. | 253 views

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 vulnerabilities (USN-1358-1)

It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. CVE-2011-4885 ATTENTION: this update changes previous PHP...

7.5 CVSS | 8.5 AI score | 0.86573 EPSS
Exploits: 30 | References: 8

Drupal
added 2012/01/04 12:0 a.m. | 15 views

SA-CONTRIB-2012-003 - Fill PDF - Multiple vulnerabilities

CVE: CVE-2012-1625 This module enables you to populate fillable PDF templates with data from nodes and webforms. Access bypass 7.x only Incorrectly-ordered arguments in a call to the function that handles the main functionality of the module makes it possible for an attacker to trigger any PDF to...

6 CVSS | 6.5 AI score | 0.00568 EPSS
Exploits: 0 | References: 12

securityvulns
added 2011/09/13 12:0 a.m. | 117 views

CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities

CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities Severity: Critical Versions Affected: Spring Framework: 3.0.0 to 3.0.5 Spring Security: 2.0.0 to 2.0.6 3.0.0 to 3.0.5 Earlier versions may also be affected Description: Several issues have been report...

6.8 CVSS | 1.9 AI score | 0.01998 EPSS
Exploits: 1

Fedora
added 2011/09/07 3:23 a.m. | 46 views

[SECURITY] Fedora 16 Update: rubygem-activemodel-3.0.10-1.fc16

Rich support for attributes, callbacks, validations, observers, serialization, internationalization, and testing. It provides a known set of interfaces for usage in model classes. It also helps building custom ORMs for use outside of the Rails framework...

7.5 CVSS | 4 AI score | 0.00955 EPSS
Exploits: 0

OpenVAS
added 2011/08/09 12:0 a.m. | 43 views

CentOS Update for java CESA-2010:0768 centos5 i386

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2010:0768 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

10 CVSS | 0.4 AI score | 0.16263 EPSS
Exploits: 14 | References: 2

NVD
added 2011/08/03 12:55 a.m. | 17 views

CVE-2011-2788

Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors...

6.8 CVSS | 6.5 AI score | 0.03148 EPSS
Exploits: 1 | References: 11

Prion
added 2011/08/03 12:55 a.m. | 17 views

Buffer overflow

Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors...

6.8 CVSS | 7 AI score | 0.03148 EPSS
Exploits: 1 | References: 11 | Affected Software: 4

UbuntuCve
added 2011/08/03 12:55 a.m. | 22 views

CVE-2011-2788

Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors...

6.8 CVSS | 6 AI score | 0.03148 EPSS
Exploits: 1 | References: 2

Debian CVE
added 2011/08/03 12:0 a.m. | 31 views

CVE-2011-2788

Removed by vendor...

6.8 CVSS | 6.6 AI score | 0.03148 EPSS
Exploits: 1

Ubuntu
added 2011/06/17 8:16 a.m. | 72 views

USN-1154-1: OpenJDK 6 vulnerabilities

It was discovered that a heap overflow in the AWT FileDialog.show method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. CVE-2011-0815 It was discovered that integer overflows in the JPEGImageReader readImage function and the...

10 CVSS | 9 AI score | 0.13091 EPSS
Exploits: 0

RedHat Linux
added 2011/06/16 7:13 p.m. | 3 views

OpenJDK Serialization inconsistencies (6966692)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...

10 CVSS | 6.2 AI score | 0.16263 EPSS
Exploits: 0 | References: 4

Oracle linux
added 2011/06/08 12:0 a.m. | 75 views

java-1.6.0-openjdk security update

1:1.6.0.0-1.22.1.9.8.0.1.el56 - Add oracle-enterprise.patch 1:1.6.0.0-1.22.1.9.8 - Resolves: rhbz668488 - Bumped to IcedTea6 1.9.8 - RH706250, S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win - RH706106, S6618658, CVE-2011-0865:...

10 CVSS | 1.2 AI score | 0.13091 EPSS
Exploits: 0

Tenable Nessus
added 2011/05/05 12:0 a.m. | 36 views

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0957-1)

Icedtea included in java-1_6_0-openjdk was updated to version 1.7.5/1.8.2/1.9.1 to fix several security issues : - S6914943, CVE-2009-3555: TLS: MITM attacks via session renegotiation - S6559775, CVE-2010-3568: OpenJDK Deserialization Race condition - S6891766, CVE-2010-3554: OpenJDK corba reflecti...

10 CVSS | 7.8 AI score | 0.16263 EPSS
Exploits: 14 | References: 20

Tenable Nessus
added 2011/05/05 12:0 a.m. | 43 views

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0957-1)

Icedtea included in java-1_6_0-openjdk was updated to version 1.7.5/1.8.2/1.9.1 to fix several security issues : - S6914943, CVE-2009-3555: TLS: MITM attacks via session renegotiation - S6559775, CVE-2010-3568: OpenJDK Deserialization Race condition - S6891766, CVE-2010-3554: OpenJDK corba reflecti...

10 CVSS | 7.8 AI score | 0.16263 EPSS
Exploits: 14 | References: 20

UbuntuCve
added 2010/12/30 9:0 p.m. | 24 views

CVE-2010-3708

The serialization implementation in JBoss Drools in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.3 before 4.3.0.CP09 and JBoss Enterprise SOA Platform 4.2 and 4.3 supports the embedding of class files, which allows remote attackers to execute arbitrary code via a crafted...

7.5 CVSS | 6 AI score | 0.02416 EPSS
Exploits: 0 | References: 1

CVE
added 2010/12/30 8:0 p.m. | 79 views

CVE-2010-3708

CVE-2010-3708 affects Red Hat JBoss Enterprise Application Platform (JBEAP) 4.3.x (prior to 4.3.0.CP09) and JBoss SOA Platform 4.2/4.3, where the Drools serialization embeds class files, enabling remote code execution via a crafted static initializer. The vulnerability is rooted in the serializat...

7.5 CVSS | 7.5 AI score | 0.02416 EPSS
Exploits: 0 | References: 7 | Affected Software: 1