Vulnerability of the Java Platform software platform, allowing a perpetrator to execute arbitrary code

The vulnerability of the Java Platform’s CORBA subsystem is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a Java Web Start application or Java applet, from a remote location...

Vulnerability of the Java Platform software platform, which allows attackers to gain access to protected information

The vulnerability of the Java Platform is related to errors in the code. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information through the use of the Java Web Start application or Java applet...

Vulnerability of the Java Platform software platform, allowing a perpetrator to execute arbitrary code

The vulnerability of the RMI subsystem of the Java Platform is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a Java Web Start application or Java applet, from a remote location...

Vulnerability of the Java Platform software platform, which allows attackers to gain access to protected information

The vulnerability of the Java Platform is related to errors in the code. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information through the use of the Java Web Start application or Java applet...

Unspecified Vulnerability in Oracle Java SE Serviceability Subpart (CNVD-2015-00554)

Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Serviceability subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and...

Oracle Java SE Install Subcomponent Local Arbitrary Code Execution Vulnerability

Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Install subcomponent, which allows an attacker to build untrusted Java Web Start applications and untrusted Java...

Unspecified Vulnerability in Oracle Java SE Deployment Subcomponent (CNVD-2015-00562)

Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Deployment subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and untrustwort...

Java Deployment Toolkit Performs Insufficient Validation of Parameters

No description provided by source. Java Deployment Toolkit Performs Insufficient Validation of Parameters ------------------------------------------------------------------------- Java Web Start henceforth, jws provides java developers with a way to let users launch and install their applications...

Sun Java Web Start 1.0/1.2 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31916/info Sun Java Web Start is prone to a remote command-execution vulnerability. Successful exploits may allow attackers to execute arbitrary commands on an unsuspecting user's computer. This may aid in further attacks...

Sun Java Web Start Plugin Command Line Argument Injection

No description provided by source. $Id: javawsarginjectaltjvm.rb 10404 2010-09-21 00:13:30Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

CVE-2011-2514

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

CVE-2011-2514

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

Sun Java Web Start dnsResolve ActiveX Buffer Overflow - Ver2 (CVE-2007-5019)

A buffer overflow vulnerability has been reported in numerous forms. The vulnerability is due to a boundary error in the Sun Java Web Start ActiveX control that fails to properly handle user supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute...

Fedora Update for icedtea-web FEDORA-2014-2071

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2014-2071 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Fedora Update for icedtea-web FEDORA-2013-17016

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2013-17016 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Fedora Update for icedtea-web FEDORA-2013-17026

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2013-17026 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Sun Java Web Start Double Quote Injection (CVE-2012-1533)

A remote code execution vulnerability has been in Java Web Start...

[SECURITY] Fedora 19 Update: icedtea-web-1.4.1-0.fc19

The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...

Java Applet Driver Manager Privileged toString() Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 false def initialize inf...

Sun Java Web Start Double Quote Injection

======================================================== Java Web Start Double Quote Inject Remote Code Execution ======================================================== Date: Jun 12 2012 updated: Jun 6 2013 Author: Rh0 Version: At least Java 1.6.31 to 1.6.35 and 1.7.03 to 1.7.07 Tested on:...