EUVD-2009-2713

Malware in sbrugna...

CVE-2013-2439

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related...

CVE-2013-2439

CVE-2013-2439 affects IBM WebSphere ILOG JRules (v7.1 with IBM JRE) and IBM Operational Decision Manager (v7.5, v8.0, v8.5) shipped with IBM JRE. Root cause not explicitly detailed in the sources, but remediation is available as interim fixes: for JRules V7.1 use 7.1.1.5-WS-BRMS_JDK-WIN-IF024; OD...

CVE-2013-1569

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relate...

IBM Java - UTF8 Byte Sequences Security Bypass

IBM Java - UTF8 Byte Sequences Security Bypass source: https://www.securityfocus.com/bid/41918/info IBM Java is prone to a security-bypass vulnerability because it fails to sufficiently sanitize user-supplied input. Successful exploits can allow attackers to bypass filtering mechanisms; this may...

Design/Logic Flaw

The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo aka tz files, aka Bug Id 6824265...

CVE-2009-3880

The Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the...

CVE-2009-2724

Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."...

Design/Logic Flaw

Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6406003...

CVE-2009-2723

CVE-2009-2723 is described as an unspecified vulnerability in deserialization in the Provider class of Sun Java SE 5.0 prior to Update 20, with unknown impact and attack vectors. The provided documents confirm the affected product (Sun Java SE 5.0) and the module (deserialization via the Provider...

CVE-2009-2721

Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6406003...

CVE-2009-2724

Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."...

CVE-2009-2689

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted 1 applet or 2 application...

CVE-2009-2689

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted 1 applet or 2 application...

CVE-2009-2475

Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to 1 LayoutQueue, 2 Cursor.predefined, 3...