22 matches found
CVE-1999-0141
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet...
EUVD-1999-0141
Malware in sbrugna...
eSIM Vulnerability in eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company's website, more than two billion SIMs in IoT devices...
CVE-2015-5235
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page...
Netscape Communicator 4.x URL Read Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1546/info A flaw in Netscape Communicator's implementation of Java allows malicious applets to read any resource reachable via a URL from the local machine by using the netscape.net.URLConnection and...
US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Awareness System US-CERT Alert TA13-010A Oracle Java 7 Security Manager Bypass Vulnerability Original release date: January 10, 2013 Last revised: -- Systems Affected Any system using Oracle Java 7 1.7, 1.7.0 including Java Platform...
Oracle Java findMethod findClass Security Bypass
Added: 08/30/2012 CVE: CVE-2012-4681 BID: 55213 OSVDB: 84867 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Oracle Java findMethod findClass Security Bypass
Added: 08/30/2012 CVE: CVE-2012-4681 BID: 55213 OSVDB: 84867 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Mac OS X OSX/Flashback Trojan Detection
Using the supplied credentials, Nessus has found evidence that the remote Mac OS X host has been compromised by a trojan in the OSX/Flashback family of trojans. The software is typically installed by means of a malicious Java applet or Flash Player installer. Depending on the variant, the trojan...
Sun JRE/SDK 1.x - Untrusted Applet Java Security Model Violation
source: https://www.securityfocus.com/bid/7824/info It has been reported that the Sun Java Runtime Environment does not properly protect trusted java applets. Because of this, it may be possible for an attacker to use a malicious applet to gain access to sensitive information. / Proof-Of-Concept:...
Symantec Java! JustInTime Compiler 210.65 - Command Execution
Symantec Java! JustInTime Compiler 210.65 - Command Execution source: https://www.securityfocus.com/bid/6222/info A vulnerability has been discovered in the Java! JustInTime compiled used by Netscape Communicator, related to the generation of Intel instructions from specially constructed Java...
Microsoft Java Virtual Machine Bytecode Verifier Vulnerability
Description The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If these operations are performed, it may be...
Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier
Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier source: https://www.securityfocus.com/bid/6221/info The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the...
Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier
source: https://www.securityfocus.com/bid/6221/info The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If...
Microsoft Java implementation JDBC classes do not properly validate DLL requests
Overview The Java Database Connectivity JDBC classes of Microsoft's Java virtual machine VM do not properly validate DLL requests, allowing a malicious applet to load and execute any DLL on the client system. Description Microsoft's Java VM is installed on Windows 98, NT, 2000, and XP. It is used...
CVE-2001-0068
Mac OS Runtime for Java MRJ 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter...
CVE-2001-0068
Mac OS Runtime for Java MRJ 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter...
Sun JDK 1.1.x / Sun JRE 1.1.x - Listening Socket
source: https://www.securityfocus.com/bid/1545/info A set of flaws in multiple vendors' Java implementation allows a malicious applet to open a listening socket to accept network connections against the security policy. Java applications use the java.net.ServerSocket class to create a listening...
Netscape Communicator 4.x - URL Read
source: https://www.securityfocus.com/bid/1546/info A flaw in Netscape Communicator's implementation of Java allows malicious applets to read any resource reachable via a URL from the local machine by using the netscape.net.URLConnection and netscape.net.URLInputSteam classes. This allows malicio...
CVE-1999-0141
CVE-1999-0141 concerns the Java Bytecode Verifier, where the verifier as implemented in the Java runtime allows malicious applets to execute arbitrary commands with the permissions of the applet user. The provided sources reiterate this description but do not specify affected products/versions, r...