Oracle Java Applet Rhino Script Engine Policy Bypass (CVE-2011-3544)

A policy bypass vulnerability has been reported in Oracle Java SE. The vulnerability is due to an error in the way the Java Applet handles Rhino JavaScript errors. A remote attacker may exploit this issue by enticing a target user to open a specially crafted web-page or File. Successful...

VMSA-2012-0003 : VMware VirtualCenter Update and ESX 3.5 patch update JRE

a. VirtualCenter and ESX, Oracle Sun JRE update 1.5.032 Oracle Sun JRE is updated to version 1.5.032, which addresses multiple security issues that existed in earlier releases of Oracle Sun JRE. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.032 in the Oracle Java SE...

Java Web Start initial heap size command injection

Added: 03/02/2012 CVE: CVE-2012-0500 BID: 52015 OSVDB: 79227 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Java Web Start allows arbitrary command-line argument injection through...

Oracle Java SE JDK Multiple Vulnerabilities - 03 - (Feb 2012) - Windows

Oracle Java SE JDK is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE JDK Multiple Vulnerabilities - 02 - (Feb 2012) - Windows

Oracle Java SE JDK is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE JRE 2D子组件远程安全漏洞(CVE-2012-0497)

BUGTRAQ ID: 52009 CVE ID: CVE-2012-0497 Sun Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Oracle Java SE中的Java Runtime Environment在实现上存在远程漏洞，可通过多个协议利用，未经验证的攻击者可利用此漏洞影响2D子组件，导致完全控制受影响组件。此漏洞可影响：7 Update 2、6 Update 30 0 Oracle Sun JRE 1.6.x Oracle Sun JDK 1.6.x 厂商补丁： Oracle ------...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.235 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availabili...

CVE-2012-0500

CVE-2012-0500 is described as an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE up to certain updates (JRE 7 Update 2 and earlier; JRE 6 Update 30 and earlier; JavaFX 2.0.2 and earlier). The impact is to confidentiality, integrity, and availability via un...

VulnCheck KEV: CVE-2010-0842

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

Sun Java Web Start BasicServiceImpl Remote Code Execution (CVE-2010-3563)

A remote code execution vulnerability has been reported in Oracle Java SE. The vulnerability is due to a flaw in the way Web Start retrieves security policies. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted web-page. Successful exploitation...

CVE-2011-3516

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown...

CVE-2011-3545

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknow...

CVE-2011-3552

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking...

CVE-2011-3550

Technical details for CVE-2011-3550 are not provided in the connected documents. Monitor for updates.

Oracle to Release 56 Patches, Plus 20 More For Java in October CPU

Oracle on Tuesday plans to release patches for 56 new vulnerabilities in a huge number of its products through its scheduled quarterly critical patch update. The company said that the various vulnerabilities in this month’s CPU affect hundreds of Oracle products. The most serious group of...

Oracle Critical Patch Update - October 2011

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

Oracle Critical Patch Update - October 2011

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

Oracle Releases Critical Patch Update for October 2011

Oracle has released its Critical Patch Update and Java SE Critical Patch Update Advisory for October 2011 to address 77 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 10 for Oracle Fusion Middleware 5 for Oracle E-Business...

Mandriva Update for java-1.6.0-openjdk MDVSA-2011:126 (java-1.6.0-openjdk)

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test Mandriva Update for java-1.6.0-openjdk MDVSA-2011:126 java-1.6.0-openjdk Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...