1309 matches found
USN-836-1: WebKit vulnerabilities
It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...
OpenJDK Proxy mechanism information leaks (6801071)
The proxy mechanism implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted 1 applets and 2 Java Web Start applications, which allows remote attackers to hijack web sessions...
OpenJDK Untrusted applet System properties access (6738524)
The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java Web Start applications, which allows context-dependent attackers to obtain sensiti...
RHEL 3 / 4 / 5 : java-1.4.2-bea (RHSA-2008:1043)
java-1.4.2-bea as shipped in Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary, contains security flaws and should not be used. This update has been rated as having important security impact by the Red Hat Security Response Team. Th...
RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2008:0132)
Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.4.2 SR10 Java release includes the IBM...
RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2008:0790)
Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM 1.5.0 Java release includes the IBM Java 2...
RHEL 4 / 5 : java-1.5.0-bea (RHSA-2008:1044)
java-1.5.0-bea as shipped in Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary, contains security flaws and should not be used. This update has been rated as having important security impact by the Red Hat Security Response Team. The BEA WebLogic JRockit JRE and SDK...
SuSE Security Advisory SUSE-SA:2009:043 (java-1_5_0-sun,java-1_6_0-sun)
The remote host is missing updates announced in advisory SUSE-SA:2009:043. OpenVAS Vulnerability Test $Id: susesa2009043.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:043 java-150-sun,java-160-sun Authors: Thomas Reinke Copyright: Copyright c 200...
openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1161)
The Sun Java JRE /JDK 6 was updated to Update 15 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted apple...
OpenJDK: Files disclosure, arbitrary code execution via "deserializing applets" (6646860)
Unspecified vulnerability in the Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.219 and earlier; and 1.3.124 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors...
OpenJDK private variable information disclosure (6777487)
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted 1 applet or 2 application...
OpenJDK Untrusted applet System properties access (6738524)
The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java Web Start applications, which allows context-dependent attackers to obtain sensiti...
OpenJDK JDK13Services grants unnecessary privileges (6777448)
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted 1 applet or 2 application...
OpenJDK Proxy mechanism information leaks (6801071)
The proxy mechanism implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted 1 applets and 2 Java Web Start applications, which allows remote attackers to hijack web sessions...
OpenJDK Untrusted applet System properties access (6738524)
The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java Web Start applications, which allows context-dependent attackers to obtain sensiti...
JRE applet launcher vulnerability
Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.221 and earlier; allows remote attackers to create or modify arbitrary files via vecto...
OpenJDK Proxy mechanism information leaks (6801071)
The proxy mechanism implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted 1 applets and 2 Java Web Start applications, which allows remote attackers to hijack web sessions...
OpenJDK private variable information disclosure (6777487)
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted 1 applet or 2 application...
OpenJDK Proxy mechanism information leaks (6801071)
The SOCKS proxy implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted 1 applet or 2 Java Web Start application via unspecified vectors...
JRE applet launcher vulnerability
Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.221 and earlier; allows remote attackers to create or modify arbitrary files via vecto...