1214 matches found
Format string
Format string vulnerability in libwebconsoleservices.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service application crash, obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt,...
CVE-2007-1681
Format string vulnerability in libwebconsoleservices.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service application crash, obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt,...
CVE-2007-1681
CVE-2007-1681 relates to a format-string vulnerability in Sun Java Web Console (Lockhart) specifically in libwebconsole_services.so, affecting Sun Java Web Console versions 2.2.2–2.2.5. The issue allows remote attackers to crash the application, potentially disclose sensitive information, and pos...
CVE-2007-1681
Format string vulnerability in libwebconsoleservices.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service application crash, obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt,...
Solaris 10 (sparc) : 121211-02 (deprecated)
SunOS 5.10: Sun Java Web Console Lockhart Patch. Date this patch was last updated by Sun : Apr/16/07 This plugin has been deprecated and either replaced with individual 121211 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@...
Solaris 10 (x86) : 121212-02 (deprecated)
SunOS 5.10x86: Sun Java Web Console Lockhart Patch. Date this patch was last updated by Sun : Apr/16/07 This plugin has been deprecated and either replaced with individual 121212 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability
n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2007.007 18-Apr-2007 Vendor: Sun Microsystems, Inc., http://www.sun.com Affected Products: Solaris 10, Java Web Console 2.2.2 - 2.2.5 Vulnerability: Format string vulnerability Risk: HIGH CVE ID: CVE-2007-1681 Sun Alert ID: 102854 SU...
Sun Java Web Server unauthorized access
No description provided...
Jetty可预测随机会话ID漏洞
Jetty是一款流行的Java Web服务器。 Jetty的会话ID随机生成实现上存在漏洞,远程攻击者可能利用此漏洞获取非授权访问。 Jetty使用java.util.Random生成会话ID。java.util.random实现以下形式的线性同余随机数生成器: synchronized protected int nextint bits seed = seed 0x5DEECE66DL + 0xBL & 1L 48 - 1; return intseed 48 - bits;...
Jetty Non-random Session ID Vulnerability
Binary data 3904.prm...
GLSA-200602-07 : Sun JDK/JRE: Applet privilege escalation
The remote host is affected by the vulnerability described in GLSA-200602-07 Sun JDK/JRE: Applet privilege escalation Applets executed using JRE or JDK can use 'reflection' APIs functions to elevate its privileges beyond the sandbox restrictions. Adam Gowdiak discovered five vulnerabilities that...
CVE-2006-0613
Unspecified vulnerability in Java Web Start after 1.0.102, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications...
Security feature bypass
Unspecified vulnerability in Java Web Start after 1.0.102, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications...
CVE-2006-0613
Unspecified vulnerability in Java Web Start after 1.0.102, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications...
Sun Java Web Start security bypass vulnerability
Overview A vulnerability in the Sun Java Web Start may allow an untrusted Java applet or application to bypass security restrictions and execute arbitrary code. Description Java Web Start technology allows Java applications and applets to be executed via HTTP. Remote applications and applets are...
[SA18762] Java Web Start Sandbox Security Bypass Vulnerability
TITLE: Java Web Start Sandbox Security Bypass Vulnerability SECUNIA ADVISORY ID: SA18762 VERIFY ADVISORY: http://secunia.com/advisories/18762/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Java Web Start 1.x http://secunia.com/product/1005/ Sun Java JDK 1.5.x...
SUSE-SA:2005:032: java2
The remote host is missing the patch for the advisory SUSE-SA:2005:032 java2. Two security bugs in the SUN Java implementation have been fixed. Java Web Start can be exploited remotely due to an error in input validation of tags in JNLP files, so an attacker can pass arbitrary command-line option...
CVE-2002-2005
Technical details about CVE-2002-2005 are not publicly available in the provided documents. No concrete affected product/version, root cause, or remediation are described here. Monitor for updates from trusted sources.
CVE-2005-1973
Java Web Start in Java 2 Platform Standard Edition J2SE 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges...
[SA15671] Java Web Start Sandbox Security Bypass Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...