CVE-2011-2514

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ...

Moderate: Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.2 update

JBoss Enterprise Web Server 1.0.2 is now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...

JDK unspecified vulnerability in Java Web Start component

Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

JDK unspecified vulnerability in Java Web Start component

Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.229 and earlier for Windows allows remote untrusted Java Web Start applications and...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...

CVE-2011-0786

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality,...

CVE-2011-0867

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors relate...

CVE-2011-0866

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality,...

Java Web Start may insecurely load dynamic libraries

Overview Java Web Start provided Oracle may use unsafe methods for determining how to load DLLs. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the DLL search path...

Java Web Start may insecurely load settings files

Overview Java Web Start provided Oracle may use unsafe methods for determining how to load settings files. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file...

Java Web Start may insecurely load policy files

Overview Java Web Start provided Oracle may use unsafe methods for determining how to load policy files. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file...

JVN#09206238: Java Web Start may insecurely load settings files

Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file search path, which may insecurely load settings files. Impact An attacker may execute arbitrary code with t...

JVN#18680611: Java Web Start may insecurely load dynamic libraries

Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrar...

JVN#29212182: Java Web Start may insecurely load policy files

Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file search path, which may insecurely load policy files. Impact An attacker may execute arbitrary code with the...

OpenJDK: NetworkInterface information leak (Networking, 7013969)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors relate...

OpenJDK Swing timer-based security manager bypass (6907662)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, an...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.229 and earlier for Windows allows remote untrusted Java Web Start applications and...