CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2008/10/24 2:44 p.m.•1 views

Java Web Start, untrusted application may determine Cache Location (6704074)

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...

5CVSS5.8AI score0.03332EPSS

RedHat Linux•added 2008/10/24 2:44 p.m.•39 views

Critical: Red Hat Security Advisory: java-1.6.0-ibm security update

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM 1.6.0 Java release...

10CVSS7.2AI score0.23658EPSS

Exploits1References8

securityvulns•added 2008/10/16 12:0 a.m.•30 views

Sun Java Web Proxy buffer overflow

Buffer overflow on FTP resource GET request handling in HTTP proxy...

10CVSS1AI score0.15786EPSS

Exploits1References1Affected Software1

OpenVAS•added 2008/09/24 12:0 a.m.•15 views

Gentoo Security Advisory GLSA 200503-28 (Java)

The remote host is missing updates announced in advisory GLSA 200503-28. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.02371EPSS

OpenVAS•added 2008/09/24 12:0 a.m.•24 views

Gentoo Security Advisory GLSA 200503-28 (Java)

The remote host is missing updates announced in advisory GLSA 200503-28. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

10CVSS0.8AI score0.02371EPSS

Exploits0

Tenable Nessus•added 2008/09/14 12:0 a.m.•38 views

SuSE 10 Security Update : IBM Java 1.5 (ZYPP Patch Number 5591)

IBM Java 5 was updated to SR8 to fix various security issues : - Multiple vulnerabilities with unsigned applets were reported. A remote attacker could misuse an unsigned applet to connect to localhost services running on the host running the applet. CVE-2008-3104 - A vulnerability in the XML...

10CVSS8.7AI score0.23658EPSS

Exploits5References14

Tenable Nessus•added 2008/09/03 12:0 a.m.•34 views

SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 5557)

10CVSS8.7AI score0.23658EPSS

Exploits5References14

Tenable Nessus•added 2008/08/18 12:0 a.m.•13 views

Sun Java System Web Proxy Server Detection

Binary data 4625.prm...

7.3AI score

Exploits0

RedHat Linux•added 2008/08/13 2:19 p.m.•3 views

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue...

9.3CVSS6.3AI score0.32968EPSS

10CVSS6AI score0.0731EPSS

Java Web Start, arbitrary file creation (6703909)

9.3CVSS7.4AI score0.32968EPSS

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...

9.3CVSS6.4AI score0.32968EPSS

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with 1 a long key name in the xml header or 2 a long charset value, different issu...

10CVSS6AI score0.20566EPSS

Java Web Start arbitrary file creation/deletion file with user permissions (6704077)

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077...

RedHat Linux•added 2008/08/13 2:19 p.m.•3 views

Java Web Start Buffer overflow vulnerabilities (6557220)

Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by a an application that grants itself...

10CVSS6.2AI score0.13359EPSS

Exploits4References4

RedHat Linux•added 2008/08/13 2:19 p.m.•0 views

Buffer overflow security vulnerabilities in Java Web Start

Stack-based buffer overflow in Java Web Start javaws.exe in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file...

6.8CVSS6.4AI score0.32562EPSS

5CVSS5.8AI score0.03332EPSS

Java Web Start, untrusted application may determine Cache Location (6704074)

RedHat Linux•added 2008/08/13 2:18 p.m.•1 views

Java Web Start, untrusted application may determine Cache Location (6704074)

5CVSS5.8AI score0.03332EPSS