Sun Microsystems Java Virtual Machine 1.x - Security Manager Denial of Service

source: https://www.securityfocus.com/bid/8892/info A problem has been reported in the Sun Microsystems Java Virtual Machine that occurs when implementing the Security Manager. Because of this, an attacker may be able to crash the virtual machine. / InsecurityManager-Demonstration / / coded by Ma...

Sun Microsystems Java Virtual Machine 1.x - Security Manager Denial of Service

Sun Microsystems Java Virtual Machine 1.x - Security Manager Denial of Service source: https://www.securityfocus.com/bid/8892/info A problem has been reported in the Sun Microsystems Java Virtual Machine that occurs when implementing the Security Manager. Because of this, an attacker may be able ...

CVE-2003-0896

The CVE-2003-0896 entry concerns the loadClass method of sun.applet.AppletClassLoader in the JVM used with Sun SDK/JRE 1.4.1_03 and earlier. A remote attacker can bypass sandbox restrictions and execute arbitrary code by loading a class name that uses "/" instead of "." (dot), which avoids the Se...

CVE-2003-0896

The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine JVM in Sun SDK and JRE 1.4.103 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" slash instead of "." dot characters,...

[LSD] Security vulnerability in SUN's Java Virtual Machine implementation

Hello, We have found a security vulnerability in the SUN's implementation of the Java Virtual Machine, which affects the following SDK and JRE releases: - SDK and JRE 1.4.103 and earlier - SDK and JRE 1.3.108 and earlier - SDK and JRE 1.2.2015 and earlier. SUN was informed about this issue on Jun...

Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention

Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention source: https://www.securityfocus.com/bid/8879/info A vulnerability has been identified in the Sun Java Virtual Machine packaged with JRE and SDK. This issue results in the circumvention of the Java Security Model, and can...

Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention

source: https://www.securityfocus.com/bid/8879/info A vulnerability has been identified in the Sun Java Virtual Machine packaged with JRE and SDK. This issue results in the circumvention of the Java Security Model, and can permit an attacker to execute arbitrary code on vulnerable hosts. import...

WMVare privilege escalation

By manipulation environment variables it's possible to start application with root privileges then during virtual machine startup...

Sun Java Media Framework (JMF) Arbitrary Code Execution

The remote host is using Sun Microsystems's Java Media Framework JMF. There is a bug in the version installed that may allow an untrusted applet to crash the Java Virtual Machine it is being run on, or even to gain unauthorized privileges. An attacker could exploit this flaw to execute arbitrary...

CVE-2003-0111

The ByteCode Verifier component of Microsoft Virtual Machine VM build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise....

Coldfusion MX: Java in CFM causes Crash

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Illegalaccess Security Advisory Name: Macromedia Coldfusion MX Systems: All platforms with jdk 1.3.1 Level 03 until 07 Risk Category: Medium Vulnerability Type: Integer Overflow Vendor URL: http://www.macromedia.com Author: Marc Schoenefeld...

CVE-2003-0111

The ByteCode Verifier component of Microsoft Virtual Machine VM build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise....

Flaw in Microsoft VM Could Enable System Compromise

TITLE : Microsoft Virtual Machine Bytecode Verifier Vulnerability CRITICAL : Highly critical IMPACT : System access OPERATING SYSTEM: Microsoft Windows 95 Microsoft Windows 98 and 98SE Microsoft Windows Millennium Microsoft Windows NT 4.0, beginning with Service Pack 1 Microsoft Windows 2000...

CVE-2002-0076

Java Runtime Environment JRE Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in 1 Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, 2 Netscape 6.2.1 and earlier, and...

Mozilla 1.x / Opera 7.0 - LiveConnect JavaScript Denial of Service

source: https://www.securityfocus.com/bid/7227/info A denial-of-service vulnerability has been reported to affect several browsers. The vulnerability occurs when executing certain malformed JavaScript-enabled pages. An attacker can exploit this vulnerability by creating a malicious JavaScript pag...

Mozilla 1.x Opera 7.0 - LiveConnect JavaScript Denial of Service

Mozilla 1.x Opera 7.0 - LiveConnect JavaScript Denial of Service source: https://www.securityfocus.com/bid/7227/info A denial-of-service vulnerability has been reported to affect several browsers. The vulnerability occurs when executing certain malformed JavaScript-enabled pages. An attacker can...

Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service (2)

Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service 2 source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occur...

Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (3)

source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...

Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (2)

source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...

Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (1)

source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...