Sun JRE/SDK 1.x Untrusted Applet Java Security Model Violation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7824/info It has been reported that the Sun Java Runtime Environment does not properly protect trusted java applets. Because of this, it may be possible for an attacker to use a malicious applet to gain access to sensitiv...

Java RMIConnectionImpl Deserialization Privilege Escalation Exploit

No description provided by source. $Id: javarmiconnectionimpl.rb 10490 2010-09-27 00:09:17Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Sun Java Applet2ClassLoader - Remote Code Execution Exploit

No description provided by source. $Id: javacodebasetrust.rb 11983 2011-03-16 05:01:29Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...

Sun Java Runtime Environment 1.3/1.4/1.5 Nested Array Objects Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18058/info The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions. This issue is reported to affect Java Runtime...

Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to...

Sun Java Runtime Environment 1.4.2 - Font Parsing Remote Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25340/info The Sun Java Runtime Environment is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the user who invoked the Java applet...

Critical: Red Hat Security Advisory: java-1.7.1-ibm security update

Updated java-1.7.1-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 7 Supplementary. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP...

Important: Red Hat Security Advisory: java-1.5.0-ibm security update

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2...

OpenJDK: Proper class checking (JMX, 8008120)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from...

OpenJDK: AccessControlContext check order issue (Libraries, 8001330)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

OpenJDK: Various AWT integer overflow checks (AWT, 8009071)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE...

OpenJDK: ImagingLib byte lookup processing (2D, 8011243)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2...

JDK: unspecified vulnerability fixed in 7u25 (Deployment)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than...

OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information...

OpenJDK: Incorrect image layout verification (2D, 8012601)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2...

OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect...

JDK: unspecified vulnerability fixed in 6u51 and 5u51 (AWT)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT...