106 matches found
CVE-2015-7196
Affected software: Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4. Problem: When a Java plugin is enabled, the Java plugin can deallocate a JavaScript wrapper that is still in use, leading to a JavaScript garbage collection crash. This may result in a denial of service and, potentia...
CVE-2015-7196
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service incorrect garbage collection and application crash or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript...
UBUNTU-CVE-2015-7196
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service incorrect garbage collection and application crash or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript...
SUSE: Security Advisory for IBM Java (SUSE-SU-2014:0733-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 23 Update: icedtea-web-1.6.1-2.fc23
The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...
openSUSE Security Update : icedtea-web (openSUSE-2015-602)
The icedtea-web java plugin was updated to 1.6.1. Changes included : - Enabled Entry-Point attribute check - permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not at all. - fixed DownloadService - comments in deployment.properties n...
openSUSE: Security Advisory for icedtea-web (openSUSE-SU-2015:1595-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 22 Update: icedtea-web-1.6.1-1.fc22
The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...
Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
[SECURITY] Fedora 19 Update: icedtea-web-1.4.2-0.fc19
The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...
[SECURITY] Fedora 20 Update: icedtea-web-1.4.2-0.fc20
The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...
[SECURITY] Fedora 20 Update: icedtea-web-1.4.1-0.fc20
The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...
用友内部管理系统后台未授权访问(弱口令)
简要描述: 见说明 详细说明: 网址 http://125.35.5.195:808/login.jsp 在java环境下,当然,如果提示安装插件就安装吧,因为是用友登陆的一个java插件,安装后 套帐:选择用友软件测试 公司:随便选吧,里面那么多,我选的是集团0001 当然也可以用其他的去尝试--! 用户:test 密码:123456 然后就一咕噜进去了 --! 漏洞证明: img src="https://images.seebug.org/upload/201307/13...
Solaris 8 (sparc) : 109611-01
Java Plugin 1.2: Product patch for Solaris. Date this patch was last updated by Sun : Jun/09/00 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Solaris 8 (x86) : 109612-01
Java Plugin 1.2x86: Product patch for Solaris. Date this patch was last updated by Sun : Jun/09/00 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
[SECURITY] Fedora 17 Update: icedtea-web-1.3.2-0.fc17
The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...
USN-1755-1: OpenJDK 6 vulnerabilities
It was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash. CVE-2013-0809 It was discovered that OpenJDK did not properly check return values when performing color conversion for images. If a user were tricked...
SuSE 11.2 Security Update : icedtea-web (SAT Patch Number 7041)
The IcedTea-Web Java plugin has been updated to version 1.3.1 to fix various bugs and security issues. 1.3.1 changes : - Security Updates - RH869040: Heap-based buffer overflow after triggering event attached to applet. CVE-2012-4540 - Common - PR1161: X509VariableTrustManager does not work...
FreeBSD : java 7.x -- security manager bypass (d5e0317e-5e45-11e2-a113-c48508086173)
US CERT reports : Java 7 Update 10 and earlier versions of Java 7 contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The Java JRE plug-in provides its own Security Manager. Typically, a web applet runs with a security manage...
CVE-2013-0422
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by 1 using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using t...