EUVD-1999-0747

Malware in sbrugna...

MS03-011: Flaw in the Microsoft VM could enable system compromise

The Microsoft virtual machine Microsoft VM update that was previously listed in this article is no longer available. For more information, visit the following Microsoft Web pages: http://www.microsoft.com/mscorp/java/default.mspxhttp://support.microsoft.com/gp/lifean12Technical UpdateJuly 17, 200...

Oracle JRE - java.net.URLConnection class – Same-of-Origin (SOP) Policy Bypass

No description provided by source. Description Security-Assessment.com discovered that a Java Applet making use of java.net.URLConnection class can be used to bypass same-of-origin SOP policy and domain based security controls in modern browsers when communication occurs between two domains that...

Oracle Java SE GSUB ReqFeatureIndex Buffer Overflow - ver 2 (CVE-2013-5907)

A heap buffer overflow vulnerability exists in Oracle Java. The vulnerability is due to invalid processing of the ReqFeatureIndex entry in the GSUB table. A remote unauthenticated attacker can exploit this vulnerability by enticing a user to visit a webpage containing a maliciously crafted Java...

[SE-2012-01] Security vulnerabilities in Java SE

Dear Bugtraq, Security Explorations, a security and vulnerability research company from Poland, discovered multiple security issues in the latest version of Java Platform Standard Edition Java SE 1 software coming from Oracle Corporation 2. Discovered security issues violate many "Secure Coding...

Quicktime Multiple Vulnerabilities (Mac OS X 7.1.6 Security Update)

According to its version, the installation of Quicktime on the remote Mac OS X host that contains a bug which might allow a rogue Java program to write anywhere in the heap. An attacker may be able to leverage these issues to execute arbitrary code on the remote host by luring a victim into...

GLSA-200601-10 : Sun and Blackdown Java: Applet privilege escalation

The remote host is affected by the vulnerability described in GLSA-200601-10 Sun and Blackdown Java: Applet privilege escalation Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Impact : A...

Konqueror: Java sandbox vulnerabilities

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. Konqueror is the KDE web browser and file manager. Description Konqueror contains two errors that allow JavaScript scripts and Java applets to have access to restricted Java classes. Impact A...

MS02-013: Cumulative VM Update (300845)

The Microsoft VM is a virtual machine for the Win32 operating environment. There are numerous security flaws in the remote Microsoft VM that could allow an attacker to execute arbitrary code on this host. To exploit these flaws, an attacker would need to set up a malicious web site with a rogue...