719 matches found
OpenJDK: JAXP missing security restrictions (JAXP, 6657673)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX...
OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...
OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...
Ubuntu 10.10 : openjdk-6b18 vulnerabilities (USN-1079-3)
USN-1079-2 fixed vulnerabilities in OpenJDK 6 for armel ARM architectures in Ubuntu 9.10 and Ubuntu 10.04 LTS. This update fixes vulnerabilities in OpenJDK 6 for armel ARM architectures for Ubuntu 10.10. It was discovered that untrusted Java applets could create domain name resolution cache...
Sun Java JDK/JRE 5 < Update 16 Multiple Vulnerabilities (Unix)
The version of Sun Java Runtime Environment JRE 5.0 installed on the remote host is affected by multiple security issues : - A vulnerability in the XML processing module of the JRE could allow an untrusted applet/application unauthorized access to certain URL resources 238628. - A buffer overflow...
OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...
OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...
OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...
OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...
OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...
IBM Lotus Symphony < 3.0.1 Fix Pack 2 Multiple Vulnerabilities
The version of IBM Lotus Symphony is a version prior to 3.0.1 Fix Pack 2. Such versions are affected by multiple vulnerabilities : - Flaws exist in the way certain XML components are processed for external entities in ODF documents. These flaws can be utilized to access and inject the content of...
USN-1613-1: Python 2.5 vulnerabilities
It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...
Debian DSA-2534-1 : postgresql-8.4 - several vulnerabilities
Two vulnerabilities related to XML processing were discovered in PostgreSQL, a SQL database. - CVE-2012-3488 contrib/xml2's xsltprocess can be used to read and write external files and URLs. - CVE-2012-3489 xmlparse fetches external files or URLs to resolve DTD and entity references in XML values...
[SECURITY] [DSA 2534-1] postgresql-8.4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2534-1 [email protected] http://www.debian.org/security/ Florian Weimer August 25, 2012 http://www.debian.org/security/faq -...
DSA-2534-1 postgresql-8.4 - several
Bulletin has no description...
Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64
A flaw was found in the Swing library. Forged TimerEvents could be used to bypass SecurityManager checks, allowing access to otherwise blocked files and directories. CVE-2010-4465 A flaw was found in the HotSpot component in OpenJDK. Certain bytecode instructions confused the memory management...
OpenJDK: XML parsing infinite loop (JAXP, 7157609)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP...
LibreOffice < 3.4.6 / 3.5.1 XML External Entity RDF Document Handling Information Disclosure
The remote host is running a version of LibreOffice 3.4.6 / 3.5.1 that has flaws in the way certain XML components are processed for external entities in ODF documents. These flaws can be utilized to access and inject the content of local files into an ODF document without a user's knowledge or...
libxml2: Off-by-one error leading to heap-based buffer overflow in encoding
Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow and application crash via a crafted web site...
Ubuntu Update for openjdk-6 vulnerabilities USN-1079-1
Ubuntu Update for Linux kernel vulnerabilities USN-1079-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10791.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for openjdk-6 vulnerabilities USN-1079-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...