JDK: unspecified vulnerability fixed in 6u26 (2D)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

OpenJDK local network address disclosure (6952603)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality via unknown vectors...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 21 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related t...

OpenJDK DNS cache poisoning by untrusted applets (6981922)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors...

JDK unspecified vulnerability in Sound component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...

CVE-2011-0862

CVE-2011-0862 affects the Java Runtime Environment (JRE) in Oracle Java SE 6 up to update 25, Java SE 5 up to update 29, and Java 1.4.2 up to 1.4.2_31, via unknown 2D-related vectors that could compromise confidentiality, integrity, and availability. The MiracleLinux AXSA:2011-485 advisory notes ...

CVE-2011-0866

CVE-2011-0866 is an unspecified vulnerability in the Java Runtime Environment (JRE) that affects Oracle Java SE 6 Update 25 and earlier, Java 5.0 Update 29 and earlier, and 1.4.2_31 and earlier on Windows. It allows remote untrusted Java Web Start applications and untrusted applets to compromise ...

CVE-2011-0869

CVE-2011-0869 affects Oracle Java SE 6 Update 26 and earlier in the JRE. The vulnerability is in the JRE’s SAAJ handling and could allow remote untrusted Java Web Start applications or applets to disclose data (confidentiality impact). The MiracleLinux/Nessus OpenVAS entries confirm the CVE and r...

Oracle Addresses 17 Bugs with Java Update

Oracle has pushed an update to its popular Java SE platform by patching 17 vulnerabilities, all which could allow an attacker to remotely exploit a machine without authentication. In the patch update, five apply to client and server versions of Java SE. Eleven of the patches apply to client...

Oracle Releases Critical Patch Update for June 2011

Oracle released its June Critical Patch Update CPU containing 17 security fixes for the following products: JDK and JRE 6 Update 25 and earlier for Windows, Solaris, and Linux JDK and JRE 5.0 Update 29 and earlier for Windows, Solaris, and Linux SDK and JRE 1.4.231 and earlier for Windows, Solari...

Oracle Releases Critical Patch Update for Java SE and Java for Business

Oracle has released a Critical Patch Update for Java SE and Java for Business. This update addresses multiple vulnerabilities and contains 21 security fixes. US-CERT encourages users and administrators to review the Oracle Java SE and Java for Business Critical Patch Update Advisory for February...

CVE-2010-4467

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 10 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related t...

CVE-2010-4474

Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269...

Security feature bypass

Unspecified vulnerability in the Deployment component in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011...

CVE-2010-4422

CVE-2010-4422 is an unspecified vulnerability in the Deployment area of Oracle Java SE/Java for Business 6 Update 23 and earlier. Documents confirm impact on confidentiality, integrity, and availability via Deployment-related vectors, with concrete references showing this CVE included in Java upd...

CVE-2010-4447

Technical details for CVE-2010-4447 are not publicly available in the provided connected documents; monitor for updates.

CVE-2010-4450

CVE-2010-4450 is an unspecified vulnerability in the Java Runtime Environment (JRE) across Oracle Java SE and Java for Business packages ( Solaris/Linux: 6 Update 23 and earlier; 5.0 Update 27 and earlier; 1.4.2_29 and earlier). The issue is described as allowing local standalone applications to ...

CVE-2010-4467

CVE-2010-4467 is documented as a vulnerability in Oracle Java SE/JRE 6 Update 10 through 6 Update 23 that could allow remote untrusted Java Web Start applications and untrusted applets to affect confidentiality, integrity, and availability via deployment-related vectors. Connected advisories show...