[slackware-security] java (jre, jdk)

Sun has released security advisories pertaining to both the Java Runtime Environment and the Standard Edition Development Kit. One such advisory may be found here: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 Updated versions of both the jre and jdk packages are provided whic...

Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions

Unspecified vulnerability in the Java Runtime Environment JRE Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.214 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to...

java: Vulnerability in the font parsing code

Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.214 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself...

BMP image parser vulnerability

The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...

Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions

Unspecified vulnerability in the Java Runtime Environment JRE Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.214 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to...

Critical: Red Hat Security Advisory: java-1.5.0-sun security update

Updated java-1.5.0-sun packages that correct several security issues are available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the software and tools that user...

EEYE: Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability

Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability Release Date: July 5, 2007 Date Reported: Jan 19, 2007 Severity: High Remote Code Execution Vendor: Sun Microsystems Systems Affected: Java Runtime Environment 6 Update 1, and earlier Java Runtime Environment 5 Update 11, and earlier...

Sun Java Runtime Environment 1.6 - Web Start .JNLP File Stack Buffer Overflow

Sun Java Runtime Environment 1.6 - Web Start .JNLP File Stack Buffer Overflow source: https://www.securityfocus.com/bid/24832/info Sun Java Runtime Environment is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it...

[ GLSA 200705-23 ] Sun JDK/JRE: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 200705-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

Sun JDK/JRE: Multiple vulnerabilities

Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description An unspecified vulnerability involving an "incorrect use of system classes" was reported by the Fujitsu security team. Additionally, Chris Evans from the Google Security...

Code injection

The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...

CVE-2007-2789

CVE-2007-2789 concerns the BMP image parser in Sun JDK/JRE on Unix/Linux, where untrusted applets or applications that open arbitrary local files via a crafted BMP can cause the JVM to hang (DoS). Affected product ranges include JDK/JRE prior to 1.5.0_11-b03, 1.6.x prior to 1.6.0_01-b06, and olde...

java-jre: GIF buffer overflow

Buffer overflow in Sun JDK and Java Runtime Environment JRE 5.0 Update 9 and earlier, SDK and JRE 1.4.212 and earlier, and SDK and JRE 1.3.118 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption...

security flaw

Multiple unspecified vulnerabilities in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, and Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges,...

security flaw

Multiple buffer overflows in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...

security flaw

Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 5 and earlier, Java System Development Kit SDK and JRE 1.4.210 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...

security flaw

Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 6 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...

RHEL 2.1 : IBMJava2 (RHSA-2007:0072)

IBMJava2-JRE and IBMJava2-SDK packages that correct several security issues are available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.3.1 Java release includes the IBM Java 2 Runtime Environment and...

security flaw

Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 5 and earlier, Java System Development Kit SDK and JRE 1.4.210 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...

security flaw

Multiple unspecified vulnerabilities in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, and Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges,...