CVE-2009-3871

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...

CVE-2009-3869

Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...

DSquare Exploit Pack: D2SEC_JRETK

Name| d2secjretk ---|--- CVE| CVE-2009-3865 Exploit Pack| D2ExploitPack Description| Java Runtime Environment Deployment Toolkit Command Execution Vulnerability Notes|...

CVE-2009-3875

CVE-2009-3875 : The Java Runtime Environment (JRE) in Sun/Oracle Java SE has a timing-attack flaw in the HMAC digest verification that could allow forged signatures and potentially bypass authentication. Affected products include JDK/JRE 5.0 before Update 22, JDK/JRE 6 before Update 17, and older...

CVE-2009-3869

Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...

CVE-2009-3871

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...

CVE-2009-3871

CVE-2009-3871 is a heap-based buffer overflow in the AWT setBytePixels function of the Java Runtime Environment (JRE). Affected products/lines include Sun Java SE (JDK/JRE) 5.0 before Update 22, JDK/JRE 6 before Update 17, and older SDK/JRE 1.3.x/1.4.x branches. Other connected advisories referen...

CVE-2009-3869

CVE-2009-3869 : A stack-based buffer overflow in the Abstract Window Toolkit (AWT) setDiffICM function of the Java Runtime Environment allows remote code execution. Affected products include Sun/Oracle Java SE/JDK/JRE 5.0 before Update 22, JDK/JRE 6 before Update 17, SDK/JRE 1.3.x before 1.3.1_27...

CVE-2009-3865

The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...

CVE-2009-3869

Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...

CVE-2009-3875

The MessageDigest.isEqual function in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to spoof HMAC-based digital signatures, and possibl...

OpenJDK: DoS (disk consumption) via handling of temporary font files

Multiple unspecified vulnerabilities in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service disk consumption via vectors related to temporary font files and 1 "limits on Font...

Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image...

VMware Mega Patch Plugs Security Holes

Virtualization software specialist VMware has shipped a massive batch of critical security updates to cover 48 security holes in a wide range of its server and workstation products. According to an advisory from VMWare, the vulnerabilities affect the DHCP Server,DHCP Client, Service Console kerne...

SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12313)

IBM Java 1.4.2 SR12 fixes the following security problems : - Security vulnerabilities in the Java Runtime Environment may allow an untrusted applet that is loaded from a remote system to circumvent network access restrictions and establish socket connections to certain services running on the...

SuSE 10 Security Update : IBM Java (ZYPP Patch Number 5846)

IBM Java 1.4.2 SR12 fixes the following security problems : - Security vulnerabilities in the Java Runtime Environment may allow an untrusted applet that is loaded from a remote system to circumvent network access restrictions and establish socket connections to certain services running on the...

SuSE9 Security Update : IBM Java5 JRE and SDK (YOU Patch Number 12336)

This update brings IBM Java 5 to Service Release 9. It fixes the following security problems : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running the applet or application...

SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 5960)

This update brings IBM Java 5 to Service Release 9. It fixes the following security problems : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running the applet or application...

OpenJDK Proxy mechanism information leaks (6801071)

The SOCKS proxy implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted 1 applet or 2 Java Web Start application via unspecified vectors...

RHEL 4 / 5 : java-1.6.0-sun (RHSA-2008:1018)

Updated java-1.6.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...