VUPEN Security Research - Oracle Java ICC Profile "scrn" Tag Integer Overflow Code Execution Vulnerability

VUPEN Security Research - Oracle Java ICC Profile "scrn" Tag Integer Overflow Code Execution Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems now Oracle. It is the...

SuSE9 Security Update : IBM Java JRE and SDK (YOU Patch Number 12706)

IBM Java 1.4.2 was updated to SR13 FP9, fixing bugs and security issues. More information can be found on the IBM JDK Alerts page : http://www.ibm.com/developerworks/java/jdk/alerts/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if...

CVE-2010-4462

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and...

CVE-2010-4471

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D...

Sun Java JRE - getSoundbank 'file://' URI Buffer Overflow (Metasploit)

$Id: javagetsoundbankbof.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

JAVA Web Start - Arbitrary Command-Line Injection

Bye bye my little 0day :, Tavis Ormandy did a great job uncovering a big logic flaw within Java JRE. I discovered that bug and other that affects every browser few weeks ago and I posted the common "0day++" tweet. The method in which Java Web Start support has been added to the JRE is not less th...

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems. It is the underlying technology that powers...

VMSA-2010-0002 : VMware vCenter update release addresses multiple security issues in Java JRE

a. Java JRE Security Update JRE update to version 1.5.022, which addresses multiple security issues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the following names to the security issues fixed in JRE 1.5.018: CVE-2009-1093,...

CA Releases Updates for ARCserve Backup

CA has released updates to address vulnerabilities in the version of Java JRE bundled with ARCserve Backup. These vulnerabilities in Java JRE may allow an attacker to execute arbitrary code, bypass security restrictions, cause a denial-of-service condition, or obtain sensitive information. US-CER...

VMware vCenter update release addresses multiple security issues in Java JRE

a. Java JRE Security Update JRE update to version 1.5.022, which addresses multiple security issues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the following names to the security issues fixed in JRE 1.5.018: CVE-2009-1093,...

Sun Java JRE getSoundbank file:// URI Buffer Overflow

This module exploits a flaw in the getSoundbank function in the Sun JVM. The payload is serialized and passed to the applet via PARAM tags. It must be a native payload. The effected Java versions are JDK and JRE 6 Update 16 and earlier, JDK and JRE 5.0 Update 21 and earlier, SDK and JRE 1.4.223 a...

Sun Java JRE < 6 Update 17 RCE Vulnerability - Linux

Sun Java JRE is prone to a remote code execution RCE vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Sun Java JRE Remote Code Execution Vulnerability (Linux)

This host is installed with Sun Java JRE and is prone to Remote Code Execution Vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavajrecodeexevulnlin.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java JRE Remote Code Execution Vulnerability Linux Authors: Nikita MR Copyright: Copyright c 2009...

Sun Java JRE < 6 Update 17 RCE Vulnerability - Windows

Sun Java JRE is prone to a remote code execution RCE vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-6396)

The Sun Java JRE /JDK 5 was updated to Update 20 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted apple...

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-6395)

The Sun Java JRE /JDK 6 was updated to Update 15 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted apple...

Sun Java SE Unspecified Vulnerability In JDK/JRE/SDK - Aug09

This host is installed with Sun Java JDK/JRE/SDK and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavaseunspecifiedvulnaug09.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java SE Unspecified Vulnerability In JDK/JRE/SDK - Aug09 Authors: Sharath S Copyright: Copyright c...

SuSE Security Advisory SUSE-SA:2009:043 (java-1_5_0-sun,java-1_6_0-sun)

The remote host is missing updates announced in advisory SUSE-SA:2009:043. OpenVAS Vulnerability Test $Id: susesa2009043.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:043 java-150-sun,java-160-sun Authors: Thomas Reinke Copyright: Copyright c 200...

openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-1162)

The Sun Java JRE /JDK 5 was updated to Update 20 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted apple...

CVE-2009-2672

The proxy mechanism implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted 1 applets and 2 Java Web Start applications, which allows remote attackers to hijack web sessions...