Security Bulletin: Java.policy file change in Default Socket Permissions for WebSphere Application Server

Summary IBM® SDK Java™ Technology Edition released by IBM and Oracle JDKs have made a change to the default socket permissions in the java.policy file. Vulnerability Details IBM® SDK Java™ Technology Edition released by IBM and the Oracle JDK's have made a change to the default socket permissions...

CVE-2017-1541

A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809...

Java Runtime Environment AWT setDiffICM buffer overflow

Added: 11/27/2009 CVE: CVE-2009-3869 BID: 36881 OSVDB: 59710 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in the setDiffICM function of the Abstract Window Toolkit AWT allows command execution when a user loads a...

Java Runtime Environment AWT setDiffICM buffer overflow

Added: 11/27/2009 CVE: CVE-2009-3869 BID: 36881 OSVDB: 59710 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in the setDiffICM function of the Abstract Window Toolkit AWT allows command execution when a user loads a...

Code injection

The installation of Cisco Transport Controller CTC for Cisco Optical Networking System ONS 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute...

CVE-2006-1672

The installation of Cisco Transport Controller CTC for Cisco Optical Networking System ONS 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute...