2579 matches found
Sun and Blackdown Java: Applet privilege escalation
Background: Sun and Blackdown both provide implementations of the Java Development Kit (JDK) and Java Runtime Environment (JRE). Description: Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Impact...
CVE-2005-3583
(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss...
CVE-2005-3583
The CVE-2005-3583 entry concerns Oracle/Sun Java Runtime Environment (JRE) and Software Development Kit (SDK) versions 1.4.2_08, 1.4.2_09, and 1.5.0_05 (and possibly others) that allow remote attackers to cause a denial of service by sending a crafted serialized object (e.g., a font object), whic...
CVE-2004-2540
readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data...
CVE-2001-1480
Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard...
CVE-2001-1480
Affected software: Sun JRE/JDK 1.2–1.3.0_04. Vulnerable component: clipboard access logic in untrusted applets. Root cause/impact: enables untrusted applets to access the system clipboard, potentially exposing or altering clipboard data. Affected products explicitly listed as SUN JRE/JDK versions...
CVE-2003-1123
Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model...
CVE-2004-1503
Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and becom...
CVE-2004-1503
The CVE-2004-1503 entry concerns the Java Runtime Environment (JRE) InitialDirContext vulnerability. The affected software is JRE versions 1.4.2, 1.5.0 (and possibly others). The issue arises in the InitialDirContext, where an integer overflow allows a large sequence of DNS requests to cause the xid ...
HP-UX PHSS_22678 : HP-UX ContinentalClusters, Remote Unauthorized Access (HPSBUX00133 SSRT071376 rev.2)
s700_800 11.X Continental Clusters A.02.00 : ContinentalClusters includes the Java Runtime Environment (JRE), which is affected by the security issue described in Hewlett-Packard Company Security Bulletin 0132, 30 Nov. '00, ITRC Technical Knowledge base Document ID HPSBUX0011-132. ...
CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between JavaScript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using th...
DOS against Java JNDI/DNS
iKu Advisory. Product: Java Runtime Environment. Date: November 8th 2004. Affected versions: 1.4.2, 1.5.0, probably more. Vulnerability Type: remote denial of service. Severity (1-10): 3. Remote: yes. 0. contents 1. problem description 2. symptoms 3. bug...
Sun Java Runtime Environment 1.4.x - Font Object Assertion Failure Denial of Service
source: https://www.securityfocus.com/bid/10623/info The Sun Java Runtime Environment Font object is reportedly vulnerable to an assertion failure denial of service vulnerability. This issue is due to a failure of the process to handle exceptional conditions when processing font objects. This iss...
Sun Java Runtime Environment vulnerable to DoS
Overview: The Sun Java Runtime Environment (JRE) contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service condition in the Java Virtual Machine (JVM). Description: The Sun Java Runtime Environment provides the libraries and components necessary to run...
CVE-2003-1156
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program...