1237 matches found
CVE-2008-1196
Stack-based buffer overflow in Java Web Start javaws.exe in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file...
CVE-2008-1189
CVE-2008-1189 is described as a buffer overflow in Java Web Start affecting Sun JDK/JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier. The description indicates remote arbitrary-code execution via unknown vectors, in a different issue from CVE-2008-1188. Conn...
CVE-2008-1191
Technical details for CVE-2008-1191 are not provided in the supplied documents. Please monitor for updates.
CVE-2008-1188
CVE-2008-1188 is a Java Web Start buffer-overflow issue in Sun/Oracle JRE/JDK (6 Upd 4 and earlier, 5.0 Upd 14 and earlier) exploited via a crafted JNLP file (long key name in XML header or long charset). The connected RHSA-2008:0267 notes the vulnerability affects Java 1.6.0 IBM and lists affect...
CVE-2008-1190
CVE-2008-1190 describes an unspecified Java Web Start vulnerability in Sun JDK/JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier that could allow a remote attacker to gain privileges via an untrusted application. The description notes this is a different issu...
CVE-2008-1191
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."...
CVE-2008-1189
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue...
CVE-2008-1190
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
Sun Java JRE Multiple Vulnerabilities (233321-233327)
The version of Sun Java Runtime Environment JRE installed on the remote host is affected by one or more security issues : - Two vulnerabilities in the JRE VM may independently allow an untrusted application or applet downloaded from a website to elevate its privileges 233321. - When processing XS...
Vulnerabilities in Java Web Start allow to determine the location of the Java Web Start cache
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.215 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information the Java Web...
Critical: Red Hat Security Advisory: java-1.4.2-ibm security update
Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.4.2 SR10 Java release includes the IBM...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue...
Untrusted Application or Applet May Move or Copy Arbitrary Files
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier does not properly enforce access restrictions for untrusted 1 applications and 2 applets, which allows user-assisted remote attacke...
Security testing of Java Web applications website vulnerability-vulnerability warning-the black bar safety net
web application development sites, is currently the most widely used program. But the developers of the level is uneven, resulting in a wide variety of web vulnerabilities. This article standing in a layered architecture perspective, the analysis about how to in a java web program to find the may...
CVE-2007-6572
Cross-site scripting XSS vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204...
Sun Java Web Proxy Server和Sun Java Web Server跨站脚本漏洞
BUGTRAQ ID: 26978 CNCAN ID:CNCAN-2007122401 Sun Java Web Proxy Server和Sun Java Web Server是两款基于JAVA的应用服务程序。 Sun Java Web Proxy Server和Sun Java Web Server存在输入验证问题,远程攻击者可以利用漏洞进行跨站脚本攻击,可获得敏感信息或任意脚本代码执行。 目前没有详细漏洞细节提供。 Sun Java Web Proxy Server 4.0.5 Sun Java Web Proxy Server 4.0.4 Sun Java Web Proxy...
SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 4544)
The IBM Java JRE/SDK has been brought to release 1.5.0 SR5a, containing several bugfixes, including the following security fixes : - A buffer overflow vulnerability in the image parsing code in the JavaTM Runtime Environment may allow an untrusted applet or application to elevate its privileges...
Untrusted Application or Applet May Move or Copy Arbitrary Files
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier does not properly enforce access restrictions for untrusted 1 applications and 2 applets, which allows user-assisted remote attacke...
Vulnerabilities in Java Web Start allow to determine the location of the Java Web Start cache
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.215 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information the Java Web...