Lucene search
K

138 matches found

UbuntuCve
UbuntuCve
added 2011/06/14 12:0 a.m.37 views

CVE-2011-0868

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS5.9AI score0.04274EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/06/10 12:0 a.m.38 views

JVN#09206238: Java Web Start may insecurely load settings files

Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file search path, which may insecurely load settings files. Impact An attacker may execute arbitrary code with t...

7.6CVSS8.7AI score0.02437EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/06/10 12:0 a.m.50 views

JVN#18680611: Java Web Start may insecurely load dynamic libraries

Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrar...

7.6CVSS8.7AI score0.02948EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/06/10 12:0 a.m.30 views

JVN#29212182: Java Web Start may insecurely load policy files

Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file search path, which may insecurely load policy files. Impact An attacker may execute arbitrary code with the...

7.6CVSS8.7AI score0.02347EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/02/28 12:0 a.m.34 views

Oracle Java SE Code Execution Vulnerability (Windows-01)

This host is installed with Sun Java SE and is prone to code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodoraclejavacodeexecvulnwin01.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Code Execution Vulnerability Windows-01 Authors: Madhuri D Copyright: Copyright c 2011...

10CVSS0.8AI score0.02415EPSS
Exploits0References2
Saint
Saint
added 2010/04/22 12:0 a.m.52 views

Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow

Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...

7.5CVSS9.6AI score0.03538EPSS
Exploits4
Saint
Saint
added 2010/04/22 12:0 a.m.60 views

Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow

Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...

7.5CVSS9.6AI score0.03538EPSS
Exploits4
Saint
Saint
added 2010/04/22 12:0 a.m.109 views

Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow

Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...

7.5CVSS9.6AI score0.03538EPSS
Exploits4
Saint
Saint
added 2010/04/22 12:0 a.m.56 views

Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow

Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...

7.5CVSS9.6AI score0.03538EPSS
Exploits4
Saint
Saint
added 2010/04/20 12:0 a.m.39 views

Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...

10CVSS9.4AI score0.69949EPSS
Exploits7
0day.today
0day.today
added 2010/04/09 12:0 a.m.38 views

Java Deployment Toolkit Performs Insufficient Validation of Parameters

Exploit for windows platform in category remote exploits ====================================================================== Java Deployment Toolkit Performs Insufficient Validation of Parameters ====================================================================== Java Deployment Toolkit...

7.1AI score
Exploits0
Prion
Prion
added 2009/11/09 7:30 p.m.22 views

Design/Logic Flaw

The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo aka tz files, aka Bug Id 6824265...

5CVSS6.3AI score0.02951EPSS
Exploits5References13Affected Software1
UbuntuCve
UbuntuCve
added 2009/11/09 7:30 p.m.28 views

CVE-2009-3886

The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP 1 application or 2 applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531...

7.5CVSS5.9AI score0.01701EPSS
Exploits0References1
NVD
NVD
added 2009/11/09 7:30 p.m.21 views

CVE-2009-3886

The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP 1 application or 2 applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531...

7.5CVSS6.2AI score0.01701EPSS
Exploits0References5
Cvelist
Cvelist
added 2009/11/09 7:0 p.m.41 views

CVE-2009-3886

The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP 1 application or 2 applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531...

6AI score0.01701EPSS
Exploits0References5
NVD
NVD
added 2009/08/10 8:30 p.m.22 views

CVE-2009-2718

The Abstract Window Toolkit AWT implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an...

6.8CVSS7.2AI score0.01715EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2009/08/10 8:30 p.m.57 views

CVE-2009-2717

The Abstract Window Toolkit AWT implementation in Sun Java SE 6 before Update 15 on Windows 2000 Professional does not provide a Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet...

6.8CVSS5.9AI score0.0133EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/08/10 8:30 p.m.29 views

CVE-2009-2718

The Abstract Window Toolkit AWT implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an...

6.8CVSS6.3AI score0.01715EPSS
Exploits0References2
Prion
Prion
added 2009/08/10 8:30 p.m.19 views

Design/Logic Flaw

The Abstract Window Toolkit AWT implementation in Sun Java SE 6 before Update 15 on Windows 2000 Professional does not provide a Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet...

6.8CVSS6.8AI score0.0133EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/08/10 8:30 p.m.12 views

Design/Logic Flaw

The plugin functionality in Sun Java SE 6 before Update 15 does not properly implement version selection, which allows context-dependent attackers to leverage vulnerabilities in "old zip and certificate handling" and have unspecified other impact via unknown vectors...

7.5CVSS7.1AI score0.01287EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder