386 matches found
[USN-814-1] openjdk-6 vulnerabilities
=========================================================== Ubuntu Security Notice USN-814-1 August 11, 2009 openjdk-6 vulnerabilities CVE-2009-0217, CVE-2009-2475, CVE-2009-2476, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-267...
CVE-2009-2676
Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.221 and earlier; allows remote attackers to create or modify arbitrary files via vecto...
CVE-2009-2676
CVE-2009-2676 describes an unspecified vulnerability in Sun Java SE/JDK/JRE (up to 6 Update 14, 5.0 Update 19, and 1.4.2_21) involving the JNLPAppletLauncher. Affected component is the JNLPAppletLauncher exposed to untrusted applets; the root cause is an issue in how an old launcher can be access...
Mozilla Firefox 'NPObject'访问远程代码执行漏洞
Bugraq ID: 35360 CVE ID:CVE-2009-1837 CNCVE ID:CNCVE-20091837 Mozilla Firefox是一款开放源代码的WEB浏览器。 Mozilla Firefox访问NPObject JS封装类对象的私有数据时存在竞争条件错误,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 当访问NPObject属性一个封装的JSObject时NPObjWrapperNewResolve存在竞争条件错误,在装载Java...
CVE-2009-1837
Race condition in the NPObjWrapperNewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for...
Race condition
Race condition in the NPObjWrapperNewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for...
CVE-2009-1837
CVE-2009-1837 describes a race condition in Mozilla Firefox 3 before 3.0.11 within NPObjWrapper_NewResolve in nsJSNPRuntime.cpp of xul.dll. The vulnerability could allow remote code execution via a page transition during Java applet loading, related to a use-after-free involving memory tied to a ...
CVE-2009-1837
Race condition in the NPObjWrapperNewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for...
CVE-2009-1837
Race condition in the NPObjWrapperNewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for...
Firefox Race condition while accessing the private data of a NPObject JS wrapper class object
Race condition in the NPObjWrapperNewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for...
Race condition while accessing the private data of a NPObject JS wrapper class object — Mozilla
Jakob Balle and Carsten Eiram of Secunia Research reported a race condition in NPObjWrapperNewResolve when accessing the properties of a NPObject, a wrapped JSObject. Balle and Eiram demonstrated that this condition could be reached by navigating away from a web page during the loading of a Java...
Mac OS X Java applet Remote Deserialization Remote PoC (updated)
No description provided by source. Critical Mac OS X Java Vulnerabilities Introduction Five months ago, CVE-2008-5353 and other vulnerabilities were publicly disclosed, and fixed by Sun. CVE-2008-5353 allows malicious code to escape the Java sandbox and run arbitrary commands with the permissions...
Mac OS X Java applet Remote Deserialization Remote PoC
Exploit for macOS platform in category remote exploits ====================================================== Mac OS X Java applet Remote Deserialization Remote PoC ====================================================== Critical Mac OS X Java Vulnerabilities Introduction Five months ago,...
Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex' class Metasploit3 'Sun...
Immunity Canvas: SAFARI_FILE_STEALING
Name| safarifilestealing ---|--- CVE| CVE-2008-4216 Exploit Pack| CANVAS Description| Safari 3.2 File Stealing Notes| A Warning: Due to the nature of this exploit, a file error.html will be left behind on the target system CVE Name: CVE-2008-4216 VENDOR: Apple NOTES: There are a lot of things...
Opera Remote Code Execution and Information Disclosure Vulnerabilities (Windows)
The host is installed with Opera Web Browser and is prone to remote code execution and information disclosure Vulnerabilities. OpenVAS Vulnerability Test $Id: gboperainfodiscncodeexecwin.nasl 6519 2017-07-04 14:08:14Z cfischer $ Opera Remote Code Execution and Information Disclosure Vulnerabiliti...
Opera < 9.60 RCE and Information Disclosure Vulnerabilities - Linux
Opera Web Browser is prone to remote code execution RCE and information disclosure vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Husdawg System Requirements Lab Multiple ActiveX Remote Code Execution
Instant Expert Analysis from Husdawg System Requirements Lab is installed on the remote host. Instant Expert Analysis software allows websites to perform one-click software/hardware analysis of remote systems. An ActiveX component used by Instant Expert Analysis can be exploited to download and...
CVE-2008-4695
Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context...
Design/Logic Flaw
Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context...