Lucene search
K

43 matches found

Tenable Nessus
Tenable Nessus
added 2012/03/14 12:0 a.m.299 views

Oracle Java JDK / JRE 7 < Update 17 Remote Code Execution

Binary data 6711.prm...

10CVSS9.8AI score0.86151EPSS
Exploits10References5
RedHat Linux
RedHat Linux
added 2009/12/23 5:33 p.m.8 views

java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)

The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...

9.3CVSS6.2AI score0.09401EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2009/11/23 12:0 a.m.33 views

Sun Java SE Multiple Vulnerabilities - Nov09 (Windows)

This host is installed with Sun Java SE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodsunjavasemultvulnnov09win.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java SE Multiple Vulnerabilities - Nov09 Windows Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...

7.5CVSS0.8AI score0.22478EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2009/11/13 12:0 a.m.35 views

Sun Java JRE Remote Code Execution Vulnerability (Linux)

This host is installed with Sun Java JRE and is prone to Remote Code Execution Vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavajrecodeexevulnlin.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java JRE Remote Code Execution Vulnerability Linux Authors: Nikita MR Copyright: Copyright c 2009...

9.3CVSS0.8AI score0.06182EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2009/11/13 12:0 a.m.34 views

Sun Java JRE < 6 Update 17 RCE Vulnerability - Windows

Sun Java JRE is prone to a remote code execution RCE vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

9.3CVSS7.1AI score0.09401EPSS
Exploits2References3
Prion
Prion
added 2009/11/09 7:30 p.m.22 views

Design/Logic Flaw

The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo aka tz files, aka Bug Id 6824265...

5CVSS6.3AI score0.02951EPSS
Exploits5References13Affected Software1
UbuntuCve
UbuntuCve
added 2009/11/09 7:30 p.m.29 views

CVE-2009-3886

The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP 1 application or 2 applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531...

7.5CVSS5.9AI score0.01701EPSS
Exploits0References1
NVD
NVD
added 2009/11/09 7:30 p.m.22 views

CVE-2009-3886

The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP 1 application or 2 applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531...

7.5CVSS6.2AI score0.01701EPSS
Exploits0References5
CVE
CVE
added 2009/11/09 7:0 p.m.108 views

CVE-2009-3881

CVE-2009-3881 affects Sun Java SE 5.0 (before Update 22) and Java SE 6 (before Update 17), and OpenJDK. The issue is that class loader hierarchy can allow children of a resurrected ClassLoader to exist, enabling a remote attacker to gain privileges via unspecified vectors (information leak vulner...

7.5CVSS6.4AI score0.02666EPSS
Exploits0References8Affected Software2
CVE
CVE
added 2009/11/09 7:0 p.m.100 views

CVE-2009-3886

CVE-2009-3886 concerns the Java Web Start implementation in Sun Java SE 6 before Update 17, where the interaction between a signed JAR and a JNLP application or applet is not handled correctly. The entry notes a regression (Bug 6870531) as the underlying issue, but the provided documents do not s...

7.5CVSS6AI score0.01701EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/11/09 7:0 p.m.44 views

CVE-2009-3886

The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP 1 application or 2 applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531...

6AI score0.01701EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2009/11/05 4:30 p.m.49 views

CVE-2009-3866

The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an...

9.3CVSS6.2AI score0.06182EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2009/11/05 4:30 p.m.21 views

CVE-2009-3865

The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...

9.3CVSS6.1AI score0.09401EPSS
Exploits2References3
Prion
Prion
added 2009/11/05 4:30 p.m.31 views

Integer overflow

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file...

9.3CVSS7.9AI score0.09533EPSS
Exploits1References27Affected Software3
Prion
Prion
added 2009/11/05 4:30 p.m.22 views

Code injection

The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an...

9.3CVSS7.6AI score0.06182EPSS
Exploits1References19Affected Software2
NVD
NVD
added 2009/11/05 4:30 p.m.21 views

CVE-2009-3865

The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...

9.3CVSS7.1AI score0.09401EPSS
Exploits2References19
Cvelist
Cvelist
added 2009/11/05 4:0 p.m.37 views

CVE-2009-3871

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...

7.7AI score0.06842EPSS
Exploits1References27
UbuntuCve
UbuntuCve
added 2009/11/05 12:0 a.m.40 views

CVE-2009-3875

The MessageDigest.isEqual function in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to spoof HMAC-based digital signatures, and possibl...

5CVSS5.9AI score0.03107EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/04/23 12:0 a.m.53 views

Sun Java JDK/JRE Multiple Vulnerabilities (Windows)

This host is installed with Sun Java JDK/JRE and is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavajredosvulnwin.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java JDK/JRE Multiple Vulnerabilities Windows Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networks...

10CVSS0.6AI score0.08233EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/04/23 12:0 a.m.26 views

Sun Java JDK/JRE Multiple Vulnerabilities (Apr 2009) - Windows

Sun Java JDK/JRE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS5.9AI score0.08233EPSS
Exploits0References5
Rows per page
Query Builder