64 matches found
Code injection
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077...
Information disclosure
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
Stack overflow
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by a an application that grants itself...
CVE-2008-3114
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
CVE-2008-3114
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
CVE-2008-3113
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077...
CVE-2008-3112
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909...
CVE-2008-3112
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909...
CVE-2008-3113
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077...
CVE-2008-3111
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by a an application that grants itself...
CVE-2008-3112
Technical details about CVE-2008-3112 (affected product, root cause, impact, and fix) are not provided in the connected documents. The initial description gives only high-level vulnerability information. Monitor for official advisories for updates.
CVE-2008-3112
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909...
CVE-2008-3111
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by a an application that grants itself...
CVE-2008-3113
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077...
CVE-2008-3114
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
DSquare Exploit Pack: D2SEC_JAVAWS
Name| d2secjavaws ---|--- CVE| CVE-2008-1190 Exploit Pack| D2ExploitPack Description| Sun Java Web Start Untrusted Application Vulnerability Notes|...
Sun Java Web Start dnsResolve ActiveX Buffer Overflow (CVE-2007-5019)
Microsoft SQL Server is a Relational Database Management System RDBMS that can be managed through Distributed Management Objects DMO. A remote attacker can exploit this issue to execute arbitrary code on vulnerable server...
CVE-2007-5019
Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment JRE 1.6.0X allows remote attackers to have an unknown impact via a long argument to the dnsResolve isInstalled.dnsResolve method...
CVE-2007-3655
Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file...
CVE-2007-3655
Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file...