152 matches found
Design/Logic Flaw
The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...
CVE-2007-5689
The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...
CVE-2007-5274
Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound...
CVE-2007-5273
Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...
CVE-2007-5274
Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound...
CVE-2007-5232
Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound...
Code injection
Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound...
CVE-2007-5232
Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound...
Sun Java JRE vulnerable to unauthorized network access
Overview The Sun Java Runtime Environment JRE contains a vulnerability that may allow unintended access to network resources. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for multiple...
Sun jre1.6.0_X isInstalled.dnsResolve Function Overflow PoC
No description provided by source. html body center Sun jre1.6.0X isInstalled.dnsResolve function overflow PoCbr Bug founded and code released by Yag Kohha. br Greetz to: br Shinnai, Str0ke br /center object classid="CLSID:5852F5ED-8BF4-11D4-A245-0080C6F74284" id="target"/OBJECT SCRIPT...
Sun jre1.6.0_X isInstalled.dnsResolve Function Overflow PoC
Exploit for multiple platform in category dos / poc =========================================================== Sun jre1.6.0X isInstalled.dnsResolve Function Overflow PoC =========================================================== Sun jre1.6.0X isInstalled.dnsResolve function overflow PoC Bug...
Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow
Sun jre1.6.0X isInstalled.dnsResolve function overflow PoC Bug founded and code released by Yag Kohha. Greetz to: Shinnai, Str0ke var b = 'XXXX'; while b.length milw0rm.com 2007-09-19...
Sun Java Runtime Environment 1.6 - Web Start .JNLP File Stack Buffer Overflow
Sun Java Runtime Environment 1.6 - Web Start .JNLP File Stack Buffer Overflow source: https://www.securityfocus.com/bid/24832/info Sun Java Runtime Environment is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it...
Sun JDK/JRE: Multiple vulnerabilities
Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description An unspecified vulnerability involving an "incorrect use of system classes" was reported by the Fujitsu security team. Additionally, Chris Evans from the Google Security...
Code injection
The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...
CVE-2007-2789
CVE-2007-2789 concerns the BMP image parser in Sun JDK/JRE on Unix/Linux, where untrusted applets or applications that open arbitrary local files via a crafted BMP can cause the JVM to hang (DoS). Affected product ranges include JDK/JRE prior to 1.5.0_11-b03, 1.6.x prior to 1.6.0_01-b06, and olde...
java-jre: GIF buffer overflow
Buffer overflow in Sun JDK and Java Runtime Environment JRE 5.0 Update 9 and earlier, SDK and JRE 1.4.212 and earlier, and SDK and JRE 1.3.118 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption...
Sun JDK/JRE: Multiple vulnerabilities
Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an...
Sun Microsystems Java GIF image processing buffer overflow
Overview A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...
Sun Java Runtime System内容提送服务器信息泄露漏洞
Sun Java System Content Delivery Server可为移动用户提供可以下载的数据服务。 Sun Java System Content Delivery Server存在未明安全错误,远程攻击者可以利用漏洞未授权访问敏感信息。 目前没有详细漏洞细节提供。 Sun Java System Content Delivery Server Solaris 5.0PU1 Sun Java System Content Delivery Server Solaris 5.0 厂商解决方案 联系供应商安装patch 5.02005Q4IR3P6补丁:...