Lucene search
K

2636 matches found

Cvelist
Cvelist
added 2009/03/25 11:0 p.m.28 views

CVE-2009-1099

Integer signedness error in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and...

7.9AI score0.0566EPSS
Exploits0References34
CVE
CVE
added 2009/03/25 11:0 p.m.141 views

CVE-2009-1097

Technical details for CVE-2009-1097 are not publicly provided in the supplied documents. The initial entry mentions buffer overflows in JDK/JRE 6 Update 12 and earlier but no concrete remediation or impact details are given here. Monitor for updates.

9.3CVSS7.9AI score0.07089EPSS
Exploits0References39Affected Software2
CVE
CVE
added 2009/03/25 11:0 p.m.130 views

CVE-2009-1095

CVE-2009-1095 : Integer overflow in unpack200 within Java SE/JRE up to JDK/JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier. This vulnerability enables a remote attacker to gain access to files or execute arbitrary code by delivering a crafted Pack200 header inside a JAR. The provided d...

10CVSS7.8AI score0.07099EPSS
Exploits0References44Affected Software2
RedHat Linux
RedHat Linux
added 2009/03/25 2:52 p.m.49 views

Critical: Red Hat Security Advisory: java-1.6.0-ibm security update

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM® 1.6.0 Java™ release...

10CVSS7.1AI score0.10015EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2009/03/25 2:52 p.m.12 views

Java WebStart privilege escalation

Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors,...

10CVSS7.1AI score0.03648EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2009/03/25 12:0 a.m.47 views

CVE-2009-1095

Integer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

10CVSS6.6AI score0.07099EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/03/25 12:0 a.m.45 views

CVE-2009-1098

Buffer overflow in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.219 and earlier; and 1.3.124 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998...

9.3CVSS6.6AI score0.06787EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/03/25 12:0 a.m.48 views

CVE-2009-1100

Multiple unspecified vulnerabilities in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service disk consumption via vectors related to temporary font files and 1 "limits on Font...

5CVSS6.3AI score0.03584EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/03/25 12:0 a.m.45 views

CVE-2009-1097

Multiple buffer overflows in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via 1 a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...

9.3CVSS6.8AI score0.07089EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/03/25 12:0 a.m.48 views

CVE-2009-1094

Unspecified vulnerability in the LDAP implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier allows remote LDAP servers to execute arbitrary code via unknown vector...

10CVSS6.6AI score0.04389EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/01/20 12:0 a.m.49 views

RedHat Security Advisory RHSA-2009:0015

The remote host is missing updates announced in advisory RHSA-2009:0015. The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software...

10CVSS8.2AI score0.84807EPSS
Exploits23References3
RedHat Linux
RedHat Linux
added 2009/01/13 9:39 p.m.6 views

OpenJDK Buffer overflow in image processing (6726779)

Buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the...

9.3CVSS7.5AI score0.10784EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/01/13 9:39 p.m.56 views

Critical: Red Hat Security Advisory: java-1.5.0-ibm security update

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM 1.5.0 Java release includes the IBM Java 2...

10CVSS7.1AI score0.84807EPSS
Exploits23References22
RedHat Linux
RedHat Linux
added 2009/01/13 9:39 p.m.7 views

OpenJDK Truetype Font processing vulnerability (6751322)

Integer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which...

9.3CVSS8AI score0.10015EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/01/13 9:39 p.m.5 views

JavaWebStart allows unauthorized network connections

Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka...

5CVSS7.1AI score0.03451EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/01/13 9:33 p.m.50 views

Critical: Red Hat Security Advisory: java-1.6.0-ibm security update

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM 1.6.0 Java release includes the IBM Java 2...

10CVSS7.1AI score0.84807EPSS
Exploits23References14
RedHat Linux
RedHat Linux
added 2008/12/04 3:45 p.m.10 views

OpenJDK temporary files have guessable file names (6721753)

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknow...

6.4CVSS7.1AI score0.03478EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/12/04 3:45 p.m.5 views

OpenJDK Denial-Of-Service in kerberos authentication (6588160)

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service OS resource consumption via...

7.1CVSS7.2AI score0.04306EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/12/04 3:45 p.m.5 views

JRE allows unauthorized memory read access via a crafted ZIP file

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file...

7.1CVSS7.2AI score0.0281EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/12/04 3:45 p.m.7 views

Java WebStart privilege escalation

Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors,...

10CVSS7.1AI score0.03648EPSS
Exploits1References4
Rows per page
Query Builder