Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service (1)

Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service 1 source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occur...

Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service (3)

Sun JDKSDK 1.31.4 IBM JDK 1.3.1 BEA Systems WebLogic 567 - java.util.zip Null Value Denial of Service 3 source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occur...

Microsoft Virtual Machine allows untrusted applets to access the user.dir system property

Overview Some versions of the Microsoft virtual machine Microsoft VM contain a flaw that could leak information about the user's system. This flaw could allow malicious Java applets to get information they would normally be denied access to. Description The Microsoft virtual machine Microsoft VM...

Microsoft Virtual Machine incorrectly parses the domain portion of URLs containing a colon

Overview Some versions of the Microsoft virtual machine Microsoft VM contain a flaw that could allow untrusted Java applets from an attacker's site to be run instead of the trusted applet from the intended site. Description The Microsoft virtual machine Microsoft VM enables Java programs to run o...

Microsoft Virtual Machine allows applets write access to the Standard Security Manager

Overview A flaw in the Microsoft virtual machine Microsoft VM could allow malicious Java applets to block other, legitimate applets from running, resulting in a denial-of-service condition. Description The Microsoft virtual machine Microsoft VM enables Java programs to run on Windows platforms. T...

CVE-2002-2072

java.security.AccessController in Sun Java Virtual Machine JVM in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service JVM crash via a Java program that calls the doPrivileged method with a null argument...

CVE-2002-1258

Two vulnerabilities in Microsoft Virtual Machine VM up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error...

CVE-2002-1260

The Java Database Connectivity JDBC APIs in Microsoft Virtual Machine VM 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet...

CVE-2002-1257

Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM Component Object Model objects in a web site or an HTML mail...

CVE-2002-1325

Microsoft Virtual Machine VM build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."...

CVE-2002-1258

Two vulnerabilities in Microsoft Virtual Machine VM up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error...

CVE-2002-1258

CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...

CVE-2002-1292

The Microsoft Java virtual machine VM build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager SSM class com.ms.security.StandardSecurityManager and bypass intended StandardSecurityManager restrictions by modifying the 1...

Netscape Java virtual machine buffer overflow

Buffer overflow in class sun.awt.windows.WDefaultFontCharset method canConvert under Windows...

[LSD] Java and JVM security vulnerabilities

We would like to inform you about several security vulnerabilities in Java Virtual Machine implementations that we have found during our research. These vulnerabilities affect at least JVMs used in Netscape Communicator and Microsoft Internet Explorer web browsers. Below you can find their brief...

Microsoft Java Virtual Machine Bytecode Verifier Vulnerability

Description The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If these operations are performed, it may be...

Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier

Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier source: https://www.securityfocus.com/bid/6221/info The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the...

SunNetscape Java Virtual Machine1.x - Bytecode Verifier

SunNetscape Java Virtual Machine1.x - Bytecode Verifier source: https://www.securityfocus.com/bid/6224/info A vulnerability in the Sun and Netscape Java Virtual Machine has been reported. The vulnerability is related to the bytecode verifier, a component of the Java compiler that ensures legal...

Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier

source: https://www.securityfocus.com/bid/6221/info The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If...

Sun/Netscape Java Virtual Machine1.x - Bytecode Verifier

source: https://www.securityfocus.com/bid/6224/info A vulnerability in the Sun and Netscape Java Virtual Machine has been reported. The vulnerability is related to the bytecode verifier, a component of the Java compiler that ensures legal structure of Java instructions. According to the report, i...