java 7.x -- security manager bypass

US CERT reports: Java 7 Update 10 and earlier versions of Java 7 contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The Java JRE plug-in provides its own Security Manager. Typically, a web applet runs with a security manager...

openSUSE: Security Advisory for java-1_6_0-openjdk (openSUSE-SU-2012:1175-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 16 Update: icedtea-web-1.3.1-1.fc16

The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...

[SECURITY] Fedora 17 Update: icedtea-web-1.3.1-1.fc17

The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...

icedtea security update

CentOS Errata and Security Advisory CESA-2012:1434 Updated icedtea-web packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS bas...

Apple update removes Java plugin from OS X browsers

Apple has discontinued its own Java plugin, issuing an 'update' that removes it from MacOS and encourages users to instead download Oracle's version of the software. Its another step by Apple towards making OS X safer on the web. Mac users may have noticed that Java-based websites are displaying ...

[SECURITY] Fedora 16 Update: icedtea-web-1.3-2.fc16

The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...

RedHat Update for icedtea-web RHSA-2012:1132-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

icedtea security update

CentOS Errata and Security Advisory CESA-2012:1132 Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS bas...

CentOS 5 / 6 : firefox (CESA-2012:0387)

Updated firefox packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Critical: Red Hat Security Advisory: firefox security and bug fix update

Updated firefox packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

[SECURITY] Fedora 15 Update: icedtea-web-1.0.4-1.fc15

The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...

Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow (CVE-2010-3552)

Java Technology is a programming platform which aims to provide a system for developing and deploying cross-platform applications. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will allow execution of arbitrar...

Mozilla Suite/Firefox - Navigator Object Code Execution (Metasploit)

$Id: mozillanavigatorjava.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

JDK unspecified vulnerability in JavaWS/Plugin component

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect availability via unknown vectors...

CVE-2010-1423

Argument injection vulnerability in the URI handler in a Java NPAPI plugin and b Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the 1 -J or 2 -XXaltjvm argument to javaws.exe...

Mozilla Suite/Firefox Navigator Object Code Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core/constants' require 'msf/core'...

JDK improper version selection

The plugin functionality in Sun Java SE 6 before Update 15 does not properly implement version selection, which allows context-dependent attackers to leverage vulnerabilities in "old zip and certificate handling" and have unspecified other impact via unknown vectors...

HP-UX Update for Java VM (J2SE) and Java Plugin HPSBUX00268

Check for the Version of Java VM J2SE and Java Plugin OpenVAS Vulnerability Test HP-UX Update for Java VM J2SE and Java Plugin HPSBUX00268 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

HP-UX Update for Java VM (J2SE) and Java Plugin HPSBUX00268

Check for the Version of Java VM J2SE and Java Plugin OpenVAS Vulnerability Test HP-UX Update for Java VM J2SE and Java Plugin HPSBUX00268 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...