
1309 matches found

NVD
added 2009/12/08 5:30 p.m. | 21 views

CVE-2009-2843

Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet...

CVSS 5 | AI score 7.7 | EPSS 0.0211
Exploits 0 | References 6
Prion
added 2009/12/08 5:30 p.m. | 16 views

Code injection

Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet...

CVSS 5 | AI score 8.2 | EPSS 0.0211
Exploits 0 | References 6 | Affected Software 2
Cvelist
added 2009/12/08 5:0 p.m. | 25 views

CVE-2009-2843

Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet...

AI score 7.6 | EPSS 0.0211
Exploits 0 | References 6
CVE
added 2009/12/08 5:0 p.m. | 68 views

CVE-2009-2843

Java for Mac OS X 10.5 Update 6 and 10.6 Update 1 are affected by CVE-2009-2843, where the Java runtime accepts expired certificates for applets. This weakness enables remote attackers to potentially execute arbitrary code via a malicious applet. Affected products are Mac OS X Java components spe...

CVSS 5 | AI score 7.6 | EPSS 0.0211
Exploits 0 | References 6 | Affected Software 2
Tenable Nessus
added 2009/12/04 12:0 a.m. | 54 views

Mac OS X : Java for Mac OS X 10.6 Update 1

The remote Mac OS X host is running a version of Java for Mac OS X 10.6 that is missing Update 1. The remote version of this software contains several security vulnerabilities, including some that may allow untrusted Java applets to obtain elevated privileges and lead to execution of arbitrary co...

CVSS 9.3 | AI score 5.8 | EPSS 0.73376
Exploits 24 | References 17
Check Point Advisories
added 2009/11/30 12:0 a.m. | 4 views

Sun Java Plug-in Sandbox Security Bypass (CVE-2004-1029)

The Sun Java plug-in is a component of the Java 2 Runtime Environment. Sun's Java plug-in technology creates a connection between a Web browser and the Java platform. This connection enables Java applets, served from a Web site, to be run within a Web browser in a restricted environment, known as...

CVSS 9.3 | AI score 6.9 | EPSS 0.17018
Exploits 0
RedHat Linux
added 2009/11/12 6:15 p.m. | 2 views

OpenJDK Untrusted applet System properties access (6738524)

The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensiti...

CVSS 5 | AI score 6.1 | EPSS 0.03286
Exploits 1 | References 4
RedHat Linux
added 2009/11/12 6:15 p.m. | 2 views

OpenJDK Proxy mechanism information leaks (6801071)

The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors...

CVSS 5 | AI score 6.2 | EPSS 0.04326
Exploits 0 | References 4
RedHat Linux
added 2009/11/12 6:15 p.m. | 2 views

OpenJDK Proxy mechanism information leaks (6801071)

The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions...

CVSS 7.5 | AI score 6.2 | EPSS 0.04564
Exploits 0 | References 4
RedHat Linux
added 2009/11/12 6:15 p.m. | 2 views

JRE applet launcher vulnerability

Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.221 and earlier; allows remote attackers to create or modify arbitrary files via vecto...

CVSS 6.8 | AI score 6.2 | EPSS 0.03645
Exploits 1 | References 4
OpenVAS
added 2009/11/11 12:0 a.m. | 64 views

Ubuntu USN-857-1 (qt4-x11)

The remote host is missing an update to qt4-x11 announced via advisory USN-857-1. OpenVAS Vulnerability Test $Id: ubuntu8571.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8571.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-857-1 qt4-x11 Authors: Thomas...

CVSS 9.3 | AI score 0.7 | EPSS 0.29098
Exploits 9 | References 1
Tenable Nessus
added 2009/11/11 12:0 a.m. | 50 views

Ubuntu 8.10 / 9.04 : qt4-x11 vulnerabilities (USN-857-1)

It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

CVSS 9.3 | AI score 7.8 | EPSS 0.29098
Exploits 9 | References 10
Ubuntu
added 2009/11/10 1:58 p.m. | 93 views

USN-857-1: Qt vulnerabilities

It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

CVSS 9.3 | AI score 7.8 | EPSS 0.29098
Exploits 9
RedHat Linux
added 2009/11/09 3:4 p.m. | 4 views

REGRESSION: have problem to run JNLP app and applets with signed Jar files (6870531)

The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP (1) application or (2) applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531...

CVSS 7.5 | AI score 5.8 | EPSS 0.01701
Exploits 0 | References 4
exploitpack
added 2009/10/29 12:0 a.m. | 7 views

Sun Java SE November 2009 - Multiple Vulnerabilities (1)

Sun Java SE November 2009 - Multiple Vulnerabilities 1 source: https://www.securityfocus.com/bid/36881/info Sun has released updates to address multiple security vulnerabilities in Java SE. Successful exploits may allow attackers to bypass certain security restrictions, run untrusted applets with...

AI score 7.5
Exploits 0
Tenable Nessus
added 2009/10/06 12:0 a.m. | 36 views

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-6395)

The Sun Java JRE/JDK 6 was updated to Update 15 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted apple...

CVSS 10 | AI score 5.9 | EPSS 0.0639
Exploits 2 | References 7
Tenable Nessus
added 2009/10/06 12:0 a.m. | 36 views

openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-6396)

The Sun Java JRE/JDK 5 was updated to Update 20 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted apple...

CVSS 10 | AI score 5.9 | EPSS 0.0639
Exploits 2 | References 7
OpenVAS
added 2009/09/28 12:0 a.m. | 32 views

Ubuntu: Security Advisory (USN-836-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 7 | EPSS 0.09322
Exploits 6 | References 2
Tenable Nessus
added 2009/09/24 12:0 a.m. | 43 views

SuSE 11 Security Update : IBM Java 1.6.0 (SAT Patch Number 1058)

IBM Java 6 SR 5 was released fixing various bugs and critical security issues: - A vulnerability in the Java Runtime Environment (JRE) with initializing LDAP connections may be exploited by a remote client to cause a denial-of-service condition on the LDAP service. CVE-2009-1093 - A vulnerability ...

CVSS 10 | AI score 6.1 | EPSS 0.08688
Exploits 0 | References 30
Tenable Nessus
added 2009/09/24 12:0 a.m. | 41 views

Ubuntu 8.10 / 9.04 : webkit vulnerabilities (USN-836-1)

It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

CVSS 9.3 | AI score 6.2 | EPSS 0.09322
Exploits 6 | References 8