1469 matches found
CVE-2006-0615
CVE-2006-0615 concerns multiple unspecified vulnerabilities in Sun Java JDK/JRE 5.0 Update 4 and earlier (and 1.4.x through 1.4.2_09) that allow remote attackers to bypass the Java sandbox and obtain privileges via reflection APIs. Affected components include the Java applet/JRE sandbox and Web S...
CVE-2006-0614
CVE-2006-0614 concerns Sun JDK/JRE: Applets can escape the sandbox via reflection APIs, allowing remote privilege escalation. Affected products include Sun JDK/JRE 5.0 Update 3 and earlier, SDK/JRE 1.3.x through 1.3.1_16 and 1.4.x through 1.4.2_08. The vulnerability enables a malicious Java apple...
CVE-2006-0616
CVE-2006-0616 : Unspecified vulnerability in Sun Java JDK/JRE 5.0 Update 4 and earlier allows a remote attacker to bypass the Java sandbox and gain privileges through the reflection APIs (the so‑called “fourth issue”). Exploitation details are not provided in the documents, but multiple sources d...
CVE-2006-0617
The CVE-2006-0617 entry describes multiple unspecified vulnerabilities in Sun Java JDK/JRE 5.0 Update 5 and earlier that allow remote attackers to bypass the Java sandbox via reflection APIs, enabling privilege escalation. Affected components are Sun JDK/JRE implementations; the underlying issue ...
CVE-2006-0614
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x through 1.3.116 and 1.4.x through 1.4.208 allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "first issue."...
CVE-2006-0615
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.209 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."...
CVE-2006-0616
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue."...
CVE-2006-0617
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues."...
Sun Java Reflection API security bypass vulnerabilities
Overview Multiple vulnerabilities in the Sun Java Reflection API may allow an untrusted Java applet to bypass security restrictions and execute arbitrary code. Description The Sun Java Reflection API allows Java classes to determine information about other Java classes, such as public methods...
Sun Java sandbox protection bypass
It's possible to bypass sandbox with "reflection" API. This vulnerability can be used for silent trojan installation...
[SA18760] Sun Java JRE "reflection" APIs Sandbox Security Bypass Vulnerabilities
TITLE: Sun Java JRE "reflection" APIs Sandbox Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA18760 VERIFY ADVISORY: http://secunia.com/advisories/18760/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Sun Java JDK 1.5.x http://secunia.com/product/4621/ Sun Jav...
GLSA-200601-10 : Sun and Blackdown Java: Applet privilege escalation
The remote host is affected by the vulnerability described in GLSA-200601-10 Sun and Blackdown Java: Applet privilege escalation Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Impact : A...
CVE-2006-0217
Multiple cross-site scripting XSS vulnerabilities in Ultimate Auction 3.67 allow remote attackers to inject arbitrary web script or HTML via the 1 item parameter in item.pl and 2 category parameter in itemlist.pl, which reflects the XSS in an error message. NOTE: the affected version might be wro...
Sun and Blackdown Java: Applet privilege escalation
Background Sun and Blackdown both provide implementations of the Java Development Kit JDK and Java Runtime Environment JRE. Description Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Impact...
JVN#15972537 Fujitsu Java Runtime Environment reflection API vulnerability
Impact If a user downloads and executes a specially crafted applet, a remote attacker could access local files with the elevated privileges or execute arbitrary code with the privilege of the user running the applet. Solution Products Affected For more information, refer to the vendor's website...
Sun Java Runtime Environment "reflection" API privilege elevation vulnerabilities
Overview Multiple vulnerabilities in the Sun Java Reflection API may allow an untrusted Java applet to bypass security restrictions and execute arbitrary code. Description The Sun Java Reflection API allows Java classes to determine information about other Java classes, such as public methods...
CVE-2005-3906
CVE-2005-3906 concerns multiple unspecified vulnerabilities in Java reflection APIs that could let remote attackers escape the Java sandbox and access arbitrary files or run arbitrary code. The connected sources specify affected software as Sun/Blackdown JDK/JRE up to 1.4.2_08 (and 1.3.1_15 for C...
AttachmateWRQ Reflection for Secure IT Server < 6.0 Build 24 Multiple Vulnerabilities
Binary data 3207.prm...
AttachmateWRQ Reflection for Secure IT Server < 6.0 Build 24 Multiple Vulnerabilities
The remote host is running AttachmateWRQ Reflection for Secure IT Server, a commercial SSH server for Windows. According to its banner, the installed version of Reflection for Secure IT Server on the remote host suffers from several vulnerabilities, including : - An Access Restriction Bypass...
CVE-2005-2771
WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be...