jre7-openjdk: sandbox escape

It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...

jre7-openjdk-headless: multiple issues

CVE-2015-4734 information disclosure It was discovered that the JGSS component of OpenJDK did not properly hide Kerberos realm information from all error exceptions when running under Security Manager. An untrusted Java application or applet could use this flaw to obtain certain information about...

jre7-openjdk: multiple issues

CVE-2005-1080 CVE-2015-0480 directory traversal A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. - CVE-2015-0460...

Oracle Java 7 JmxMBeanServer类远程代码执行漏洞

BUGTRAQ ID: 57246 CVE ID: CVE-2013-0422 Oracle Java Runtime Environment JRE是一款为JAVA应用程序提供可靠运行环境的解决方案。 Oracle JRE7环境中的jmx.mbeanserver.JmxMBeanServer类存在沙盒绕过漏洞使得远程攻击者可以绕过java securityManager的检查远程执行任意java代码控制用户系统。 目前已知受影响环境为最新版本Oracle JRE7 update 10及其更早版本。经测试Oracle Java 6不受影响。 0 Oracle Java 7 Update ...

Google Chrome < 15.0.874.120 Multiple Vulnerabilities

Binary data 6094.pasl...

Google Chrome < 15.0.874.120 Multiple Vulnerabilities

Binary data 800938.prm...

Google Chrome < 15.0.874.120 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 15.0.874.120. It is, therefore, potentially affected by the following vulnerabilities : - A double-free error exists in the Theora decoder. CVE-2011-3892 - Out-of-bounds read errors exist in the MVK and Vorbis media handler...