416 matches found
UBUNTU-CVE-2012-6636
The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded into the WebView component in an application...
JBOSS 1 0 9 9 port remote method invocation vulnerability-vulnerability warning-the black bar safety net
Bird brother a few days ago sent me an article that is a java vulnerability, about 1 0 9 9 port may be remote method invocation thing. I suddenly think of it, had to XCON2012 of time, due to“forgotten”so there is no mention of a problem is a JBOSS remote code execution vulnerability. The domestic...
Cisco Secure ACS RMI Arbitrary File Read (CSCud75169)
The version of Cisco Secure Access Control System ACS on the remote host is affected by a vulnerability in the Remote Method Invocation RMI interface. Due to insufficient authorization enforcement, this issue could allow a remote, authenticated attacker to read arbitrary files on the ACS server. ...
Cisco Secure ACS RMI Arbitrary File Read Vulnerability
A vulnerability in the Remote Method Invocation RMI interface of the Cisco Secure Access Control System ACS could allow an authenticated, remote attacker to read arbitrary files on the Cisco Secure ACS server. The vulnerability is due to insufficient authorization enforcement. An attacker could...
CVE-2014-0649
The CVE-2014-0649 issue affects Cisco Secure Access Control System (ACS) 5.x before 5.5, where the RMI interface does not properly enforce authorization, enabling a remote authenticated user to gain superadmin access via the RMI interface (Bug ID CSCud75180). Connected Cisco advisories confirm an...
OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information...
OpenJDK: remote code loading enabled by default (RMI, 8001040)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX...
OpenJDK: RMI registry privileged code execution (RMI, 7083012)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.233 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to...
OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.233 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: remote code loading enabled by default (RMI, 8001040)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA...
CVE-2013-3693
The BlackBerry Universal Device Service in BlackBerry Enterprise Service BES 10.0 through 10.1.2 does not properly restrict access to the JBoss Remote Method Invocation RMI interface, which allows remote attackers to upload and execute arbitrary packages via a request to port 1098...
Design/Logic Flaw
The BlackBerry Universal Device Service in BlackBerry Enterprise Service BES 10.0 through 10.1.2 does not properly restrict access to the JBoss Remote Method Invocation RMI interface, which allows remote attackers to upload and execute arbitrary packages via a request to port 1098...
CVE-2013-3693
The BlackBerry Universal Device Service in BlackBerry Enterprise Service BES 10.0 through 10.1.2 does not properly restrict access to the JBoss Remote Method Invocation RMI interface, which allows remote attackers to upload and execute arbitrary packages via a request to port 1098...
CVE-2013-3693
The CVE-2013-3693 issue affects BlackBerry Enterprise Service (BES) 10.0–10.1.2, where the Universal Device Service (UDS) fails to restrict access to the JBoss RMI interface on port 1098, allowing a remote attacker in an adjacent network to upload and execute arbitrary packages. Remediation: upda...
OpenJDK: remote code loading enabled by default (RMI, 8001040)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: remote code loading enabled by default (RMI, 8001040)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...