Sun Java JRE XML Signature Command Injection (102993)

The version of Sun Java Runtime Environment JRE installed on the remote host reportedly does not securely process XSLT stylesheets containing XSLT Transforms in XML Signatures. If an attacker can pass a specially crafted XSLT stylesheet to a trusted Java application running on the remote host,...

Sun Java JRE Image Parsing Vulnerabilities (102934)

According to its version number, the Sun Java Runtime Environment JRE installed on the remote host reportedly is affected by a buffer overflow in its image processing code as well as another issue that may cause the Java Virtual Machine to hang. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Sun Java JRE GIF Image Handling Buffer Overflow (102760)

According to its version number, the Sun JRE running on the remote host has a buffer overflow issue that can be triggered when parsing a GIF image with the image width in an image block set to 0. If an attacker can trick a user on the affected system into processing a specially crafted image file...

Sun Java JRE vulnerable to arbitrary code execution via an unspecified error

Overview A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...

[SA23398] Sun Java JRE Applet Security Bypass

TITLE: Sun Java JRE Applet Security Bypass SECUNIA ADVISORY ID: SA23398 VERIFY ADVISORY: http://secunia.com/advisories/23398/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Sun Java JDK 1.5.x http://secunia.com/product/4621/ Sun Java JRE 1.5.x / 5.x...

[SA18762] Java Web Start Sandbox Security Bypass Vulnerability

TITLE: Java Web Start Sandbox Security Bypass Vulnerability SECUNIA ADVISORY ID: SA18762 VERIFY ADVISORY: http://secunia.com/advisories/18762/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Java Web Start 1.x http://secunia.com/product/1005/ Sun Java JDK 1.5.x...

Sun Java JRE sandbox protection bypass

Few vulnerabilities allow applets to write local files and execute applications...

CVE-2005-0471

CVE-2005-0471 affects Sun Java JRE 1.1.x through 1.4.x. The vulnerability arises when the Java runtime writes temporary files with long filenames that become predictable on file systems using 8.3 short names, enabling remote attackers to write arbitrary files to known locations and potentially ex...

CVE-2005-0471

Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that...

[SA13918] Sun Java Plug-In Two Vulnerabilities

TITLE: Sun Java Plug-In Two Vulnerabilities SECUNIA ADVISORY ID: SA13918 VERIFY ADVISORY: http://secunia.com/advisories/13918/ CRITICAL: Highly critical IMPACT: Security Bypass, System access WHERE: From remote SOFTWARE: Sun Java SDK 1.4.x http://secunia.com/product/1661/ Sun Java SDK 1.3.x...

Sun Java Applet Invocation Version Specification

The remote version of Windows contains a version of the Java JRE that is older than 1.4.206 / 1.3.113. Even if a newer version of this software is installed, a malicious Java applet may invoke a particular version of the Java JRE to be executed with. As a result, a rogue Java applet could exploit...