SUSE CVE-2007-3503

The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting XSS vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Action Message Format (AMF3) Java implementations are vulnerable to insecure deserialization and XML external entities references

Overview Several Java implementations of AMF3 are vulnerable to insecure deserialization and XML external entities references. Description Several Java implementations of Action Message Format AMF3 are vulnerable to one or more of the following implementation errors:CWE-502: Deserialization of...

Code injection

Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps CVE-2009-3867, CVE-2009-3868, CVE-2009-3869,...

CVE-2010-0079

Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps CVE-2009-3867, CVE-2009-3868, CVE-2009-3869,...

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-6395)

The Sun Java JRE /JDK 6 was updated to Update 15 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted apple...

SuSE 11 Security Update : Sun JDK 6 (SAT Patch Number 699)

The Sun JDK 6 was updated to Update13 to fix various bugs and security issues. - LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier does not close...

openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-705)

The Sun JDK 6 was updated to Update13 to fix various bugs and security issues. CVE-2009-1093: LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier do...

openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-97)

This update brings the SUN JDK 6 to update level 7. CVE-2008-3115: Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit...

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-6128)

The Sun JDK 6 was updated to Update13 to fix various bugs and security issues. CVE-2009-1093: LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier do...

CVE-2008-5348

CVE-2008-5348 concerns an unspecified vulnerability in Sun JDK/JRE across multiple major versions (JDK/JRE 6 Update 10 and earlier; 5.0 Update 16 and earlier; 1.4.2_18 and earlier) that, when Kerberos authentication is used, can allow remote attackers to cause a denial of service through OS resou...

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-5435)

This update brings the SUN JDK 6 to update level 7. CVE-2008-3115: Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit...

CVE-2008-1187

Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...

CVE-2008-1187

Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...

CVE-2008-1187

Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...