1438 matches found
CVE-2001-1254
Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing...
Java Plugin 1.4 with JRE 1.3 -> Ignores certificates.
During work I've found out that the combination of the Java Plugin 1.4 with the JRE 1.3 doesn't handle certificates properly. An applet signed with an outdated certificate shouldn't be able to get access to the filesystem on the client machine. However this happens when using the named combinatio...
CVE-2001-0137
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerabili...
Microsoft Windows 982000 - UDP Socket Denial of Service
Microsoft Windows 982000 - UDP Socket Denial of Service source: https://www.securityfocus.com/bid/2340/info Microsoft Windows 2000 and 98 are subject to a denial of service condition. Receiving a maliciously crafted email or visiting a malicious web site could prevent Windows 2000 from DNS...
CVE-2001-0068
The CVE-2001-0068 entry concerns Mac OS Runtime for Java (MRJ) 2.2.3. The connected NVD entry states that remote attackers could exploit malicious applets to read files outside the CODEBASE context by abusing the ARCHIVE applet parameter. The vulnerability description does not provide exploit cod...
CVE-2000-1061
CVE-2000-1061 involves the Microsoft Virtual Machine (VM) in Internet Explorer 4.x–5.x, where an unsigned applet can create and use ActiveX controls. This enables a remote attacker to bypass IE security settings and execute arbitrary commands via a malicious web page or email. The underlying issu...
Netscape Java Security Manager fails to prevent URLConnections through netscape.net.URLConnection Class
Overview Netscape Communicator and Navigator ship with Java classes that allow an unsigned Java applet to access local and remote resources in violation of the security policies for applets. Description Failures in the netscape.net package permit a Java applet to read files from the local file...
Security Bulletin (MS00-081)
Microsoft Security Bulletin MS00-081 - -------------------------------------- Patch Available for New Variant of "VM File Reading" Vulnerability Originally posted: October 25, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in the Microsoftr virtual...
CVE-2000-0711
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice...
CVE-2000-0676
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice...
Microsoft Virtual Machine - Arbitrary Java Codebase Execution
Microsoft Virtual Machine - Arbitrary Java Codebase Execution source: https://www.securityfocus.com/bid/1812/info An attacker may gain read access on remote systems by specifying a custom codebase in a Java applet, and delivering to the victims via HTML email or a website. Any arbitrary codebase...
Microsoft Virtual Machine - Arbitrary Java Codebase Execution
source: https://www.securityfocus.com/bid/1812/info An attacker may gain read access on remote systems by specifying a custom codebase in a Java applet, and delivering to the victims via HTML email or a website. Any arbitrary codebase can be referenced by a java applet that was loaded by an tag i...
CVE-2000-0711
Vulnerability summary (CVE-2000-0711) : Netscape Communicator fails to prevent a ServerSocket object from being created by untrusted entities, enabling a remote attacker to start a server on the victim’s system via a malicious applet (as demonstrated by Brown Orifice). The underlying issue is a f...
CVE-2000-0676
CVE-2000-0676 affects Netscape Communicator/Navigator 4.04–4.74. An unsigned Java applet could read local files (e.g., file://) and connect to remote resources via file/http/https/ftp URLs, enabling data exfiltration via Brown Orifice. Root cause is an implementation error in the JRE bundled with...
CVE-2000-0676
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice...
CVE-2000-0711
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice...
JDK 1.1.x Listening Socket Vulnerability (was Re: BrownOrifice can break firewalls!)
On Sat, 12 Aug 2000 05:33:29 +0900 "TAKAGI, Hiromitsu" [email protected] wrote: This can be verified by trying the following refined proof of concept Applet. http://java-house.etl.go.jp/takagi/java/test/Brumleve-BrownOrifice-modified-netscape.net.URLConnection/Test.html I have confirmed that Mac O...
Sun JDK 1.1.x Sun JRE 1.1.x - Listening Socket
Sun JDK 1.1.x Sun JRE 1.1.x - Listening Socket source: https://www.securityfocus.com/bid/1545/info A set of flaws in multiple vendors' Java implementation allows a malicious applet to open a listening socket to accept network connections against the security policy. Java applications use the...
CVE-1999-0142
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts...
CVE-2000-0266
Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL...