Oracle Java JRE Premier Support and Extended Support Version Detection (Unix)

According to its version, there is at least one install of Oracle formerly Sun Java JRE on the remote host that is potentially under either Premier Support or Extended Support. Note that both support programs require vendor contracts. Premier Support provides upgrades and security fixes for five...

CVE-2013-3012

Unspecified vulnerability in the Java Runtime Environment JRE in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a...

JDK: Unspecified security fixes (July 2013)

Unspecified vulnerability in the Java Runtime Environment JRE in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a...

CVE-2013-2444

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the...

Java JRE Enabled (Internet Explorer)

Java JRE is enabled in Internet Explorer. Internet Explorer is no longer supported by Microsoft. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65743; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/10/02"; scriptnameenglish:"Jav...

Java JRE Enabled (Mozilla Firefox)

Java JRE is enabled in Mozilla Firefox. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid65741; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/10/02"; scriptnameenglish:"Java J...

Sun Java JRE Multiple Vulnerabilities (269868 / 269869 / 270476 ...) (Unix)

The version of Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 17 / 5.0 Update 22 / 1.4.224 / 1.3.127. Such versions are potentially affected by the following security issues : - The Java update mechanism on non-English versions does not update the JRE when ...

Sun Java JRE XML Signature Command Injection (102993) (Unix)

The version of Sun Java Runtime Environment JRE installed on the remote host reportedly does not securely process XSLT stylesheets containing XSLT Transforms in XML Signatures. If an attacker can pass a specially crafted XSLT stylesheet to a trusted Java application running on the remote host, it...

Sun Java JRE Plug-in Capability Arbitrary Package Access (Unix)

The remote host is using an unmanaged version of Sun Java Runtime Environment that has vulnerabilities in its Java Runtime Plug-in, a web browser add-on used to display Java applets : - An untrusted applet may escalate its privileges in order to read, write or execute files on the remote system. ...

Sun Java JRE Multiple Vulnerabilities (254569 / 254611 / 254608 ..) (Unix)

The version of Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 13 / 5.0 Update 18 / 1.4.220 / 1.3.125. Such versions are potentially affected by the following security issues : - A denial of service vulnerability affects the JRE LDAP implementation. 254569. ...

Sun Java JRE Multiple Vulnerabilities (233321-233327) (Unix)

The version of Sun Java Runtime Environment JRE installed on the remote host is affected by one or more security issues : - Two vulnerabilities in the JRE VM may independently allow an untrusted application or applet downloaded from a website to elevate its privileges 233321. - When processing XS...

Oracle Java JRE Unsupported Version Detection (Unix)

According to its self-reported version number, at least one installation of Oracle formerly Sun Java JRE on the remote host is no longer supported. The underlying detection plugins enumerates Java installations via binary, path and document inspection to ascertain confidence levels. As Java can b...

Sun Java JRE Multiple Vulnerabilities (102729 / 102732) (Unix)

According to its version number, the Sun JRE installed on the remote host has two buffer overflow issues that may allow an untrusted applet to elevate its privileges to, for example, read or write local files or to execute local applications subject to the privileges of the user running the apple...

Sun Java JRE Multiple Vulnerabilities (244986 et al) (Unix)

The version of Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 11 / 5.0 Update 17 / 1.4.219 / 1.3.124. Such versions are potentially affected by the following security issues : - The JRE creates temporary files with insufficiently random names. 244986 - Ther...

CVE-2013-0450

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the...

CVE-2013-1480

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX...

US-CERT Releases Oracle Java JRE 1.7 Security Advisory

US-CERT has released Vulnerability Note VU636312 to address a vulnerability in Oracle Java Runtime Environment JRE 1.7. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. US-CERT encourages users and administrators to review Vulnerability Note VU636312. Thi...

Oracle Java JDK / JRE 6 < Update 30 Multiple Vulnerabilities

The version of Oracle formerly Sun Java Runtime Environment JRE 6.x installed on the remote host is earlier than Update 30 and is potentially affected by the following vulnerabilities: - A stack overflow error exists related to proxy tunnels. Bug 6670868 - An error exists related to foreach loops...

Oracle Java JRE Unsupported Version Detection

According to its self-reported version number, at least one installation of Oracle formerly Sun Java JRE on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security...