106 matches found
JavaWebStart allows unauthorized network connections
Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka...
FreeBSD : jdk/jre -- Security Vulnerability With Java Plugin (ac619d06-3ef8-11d9-8741-c942c075aa41)
The Sun Java Plugin capability in Java 2 Runtime Environment JRE 1.4.201, 1.4.204, and possibly earlier versions, does not properly restrict access between JavaScript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code...
Ubuntu: Security Advisory (USN-592-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CORE-2008-1128: Openfire multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Openfire multiple vulnerabilities 1. Advisory Information Title: Openfire multiple vulnerabilities Advisory ID: CORE-2008-1128 Advisory URL:...
openfire -- multiple vulnerabilities
Core Security Technologies reports: Multiple cross-site scripting vulnerabilities have been found which may lead to arbitrary remote code execution on the server running the application due to unauthorized upload of Java plugin code...
Core Security Technologies Advisory 2008.1128
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Openfire multiple vulnerabilities 1. Advisory Information Title: Openfire multiple vulnerabilities Advisory ID: CORE-2008-1128 Advisory URL:...
Openfire multiple vulnerabilities
Openfire multiple vulnerabilities 1. Advisory Information Title: Openfire multiple vulnerabilities Advisory ID: CORE-2008-1128 Advisory URL: Date published: 2009-01-08 Date of last update: 2009-01-07 Vendors contacted: Jive Software Release mode: Coordinated release 2. Vulnerability Information...
CVE-2008-2806
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin JEP and Java LiveConnect...
Design/Logic Flaw
Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors...
CVE-2008-2221
Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors...
CVE-2008-2221
Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors...
DSA-1534-2 iceape - regression
Bulletin has no description...
Debian Security Advisory DSA 1535-1 (iceweasel)
The remote host is missing an update to iceweasel announced via advisory DSA 1535-1. OpenVAS Vulnerability Test $Id: deb15351.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1535-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian DSA-1532-1 : xulrunner - several vulnerabilities
This shares a lot of text with dsa-1534.wml, dsa-1535.wml, dsa-1574.wml Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-4879 Peter Broderse...
DSA-1535-1 iceweasel
Bulletin has no description...
[SECURITY] [DSA 1534-1] New iceape packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1534-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28, 2008 http://www.debian.org/security/faq -...
Design/Logic Flaw
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine. NOTE: this is closely related to CVE-2008-1195...
CVE-2008-1240
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine. NOTE: this is closely related to CVE-2008-1195...
CVE-2008-1240
Technical details for CVE-2008-1240 are not present in the connected documents. The initial description notes a jar URI content-origin parsing issue in LiveConnect affecting Firefox/SeaMonkey, but there are no accompanying technical specifics (affected product versions, root cause, or fixes) in t...
DSA-1534-1 iceape
Bulletin has no description...