Java Deployment Toolkit insufficient argument validation

Overview The Sun Java Deployment Toolkit plugin and ActiveX control perform insufficient argument validation, allowing an attacker to perform several attacks, including the execution of an arbitrary JAR file. Description The Sun Java Deployment Toolkit contains an NPAPI Netscape compatible plugin...

Java Deployment Toolkit Performs Insufficient Validation

Java Deployment Toolkit Performs Insufficient Validation of Parameters ------------------------------------------------------------------------- Java Web Start henceforth, jws provides java developers with a way to let users launch and install their applications using a URL to a Java Networking...

Java Deployment Toolkit - Performs Insufficient Validation of Parameters

Java Deployment Toolkit - Performs Insufficient Validation of Parameters Java Deployment Toolkit Performs Insufficient Validation of Parameters ------------------------------------------------------------------------- Java Web Start henceforth, jws provides java developers with a way to let users...

Oracle Java SE Multiple Vulnerabilities (Windows)

This host is installed with Sun Java SE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboraclejavasemultvulnwinapr10.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Multiple Vulnerabilities Windows Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networ...

Design/Logic Flaw

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown vectors...

CVE-2010-0087

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2010-0090

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown vectors...

CVE-2010-0089

CVE-2010-0089 affects Oracle Java SE/Java for Business components (Java Web Start, Java Plug-in) in Java 6 Update 18, 5.0 Update 23, and 1.4.2_25. Connected data corroborate that multiple sources reference this CVE within a broader set of Java/VM vulnerabilities and related advisories; however, t...

CVE-2010-0087

Technical details for CVE-2010-0087 are not publicly available in the provided connected documents. Monitor for updates.

CVE-2010-0089

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect availability via unknown vectors...

JDK unspecified vulnerability in JavaWS/Plugin component

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect availability via unknown vectors...

JDK unspecified vulnerability in JWS/Plugin component

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

JDK unspecified vulnerability in JWS/Plugin component

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

Oracle Releases Critical Patch Update for Java SE and Java for Business

Oracle has released a critical patch update to address 27 vulnerabilities in Java SE and Java for Business. These vulnerabilities are in the following components: ImageIO, Java 2D, Java Runtime Environment, Java Web Start, Pack200, Sound, JSSE, and HotSpot Server. US-CERT encourages users and...

Oracle Java SE Multiple Vulnerabilities (March 2010 CPU)

The version of Oracle formerly Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 19 / 5.0 Update 24 / 1.4.226. Such versions are potentially affected by security issues in the following components : - ImageIO - Java 2D - JRE - Java Web Start, Java Plug-in -...

JDK unspecified vulnerability in JWS/Plugin component

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

OpenJDK Untrusted applet System properties access (6738524)

The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java Web Start applications, which allows context-dependent attackers to obtain sensiti...

java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)

The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an...

Java Web Start Buffer JPEG processing integer overflow (6823373)

Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a...

SuSE9 Security Update : IBM Java 1.5.0 (YOU Patch Number 12564)

IBM Java 5 was updated to Service Refresh 11. It fixes lots of bugs and security issues. It also contains a timezone update for the current Fiji change timezone 1.6.9s. The update fixes the following security issues : - A vulnerability in the Java Runtime Environment with decoding DER encoded dat...