152 matches found
Untrusted applet and application privilege escalation (CVE-2008-1186)
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186,...
Code injection
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
Design/Logic Flaw
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.216 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue....
CVE-2008-1185
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186,...
CVE-2008-1187
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
CVE-2008-1185
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186,...
CVE-2008-1187
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
CVE-2008-1187
CVE-2008-1187 affects Sun Java Runtime Environment (JRE) and JDK family prior to several updates (J2SE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier). The vulnerability is described as unspecified, allowing remote attackers to cause a denial of service (JRE c...
CVE-2008-1185
CVE-2008-1185 refers to an unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK across multiple legacy versions: JRE/JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier. The description states that remote attackers could gain privileges via a...
CVE-2008-1187
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
CVE-2008-1186
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.216 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue....
Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow
Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow source: https://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. A...
Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow
source: https://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with the...
Applets or Applications are allowed to display an oversized window
Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
CVE-2008-0657
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted 1 application or 2 applet, as demonstrated by an application or applet that grants...
CVE-2008-0628
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity XXE attacks and cause a denial of service or acces...
CVE-2008-0628
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity XXE attacks and cause a denial of service or acces...
CVE-2008-0628
CVE-2008-0628 affects Sun Java Runtime Environment (JRE/JDK) 6 Update 3 and earlier. The XML parsing code processes external entity references even when the “external general entities” property is false, enabling an XXE attack that can cause denial of service or allow access to restricted resourc...
CVE-2007-5689
The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...