Sun Java Web Server 7.0 u7 Admin Interface DoS

No description provided by source. Sun Java Web Sever 7.0 u7 Admin Interface DOS Software Package sjsws-70u7-windows-i586.zip 4fb8d1fb700d5649234a2891a4ecedea While attempting to verify http://www.exploit-db.com/exploits/14194/ which was not verified, I stumbled across this semi amusing DOS:...

Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20120104-0 ======================================================================= title: Multiple critical vulnerabilities in Apache Struts2 product: Apache Struts2 OpenSymphony XWork OpenSymphony OGNL vulnerable...

Jetty 4.1 Servlet Engine Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5821/info Jetty is a freely available, open source Java Web Server and Servlet Container. It is available for Linux, Unix, and Microsoft Windows platforms. It has been reported that Jetty does not properly sanitize...

Sun Java Web Start Plugin Command Line Argument Injection

No description provided by source. $Id: javawsarginjectaltjvm.rb 10404 2010-09-21 00:13:30Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

miniature java web server <= 1.71 - Multiple Vulnerabilities

No description provided by source...

Sun Java Web Server 7.0 u7 - Exploit with DEP bypass

No description provided by source. Exploit Title: SJWSexv2 Date: 09/07/2010 Author: dmc Software Link: download link if available Version: 7.0 u7 Tested on: Windows XP SP3 - with and without DEP CVE : CVE-2010-0361 / Sun Java Web Server Exploit v2 Tested on: Sun Java Web Server 7.0 update 7 - XP...

JVN#30962312: TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation

TERASOLUNA Server Framework for JavaWeb provided by NTT DATA Corporation is a software framework for creating Java web applications. TERASOLUNA Server Framework for JavaWeb bundles Apache Struts 1.2.9, which contains a vulnerability where the ClassLoader may be manipulated CVE-2014-0114. Therefor...

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423...

CVE-2011-2514

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

CVE-2011-2514

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

[ANN] Struts 2.3.16.2 GA release available - security fix

The Apache Struts group is pleased to announce that Struts 2.3.16.2 is available as a "General Availability" release.The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed ...

OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423...

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

Sun Java Web Start dnsResolve ActiveX Buffer Overflow - Ver2 (CVE-2007-5019)

A buffer overflow vulnerability has been reported in numerous forms. The vulnerability is due to a boundary error in the Sun Java Web Start ActiveX control that fails to properly handle user supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute...

UBUNTU-CVE-2014-2423

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

Fedora Update for icedtea-web FEDORA-2014-2071

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2014-2071 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...