Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to...

Sun Java Runtime Environment 1.4.2 - Font Parsing Remote Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25340/info The Sun Java Runtime Environment is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the user who invoked the Java applet...

Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow

Exploit for linux platform in category remote exploits source: http://www.securityfocus.com/bid/24832/info Sun Java Runtime Environment is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently...

Sun Java Web Start Double Quote Injection Vulnerability

This Metasploit module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. Parameters intial-heap-size and max-heap-size in a JNLP file can contain a double quote which is not properly sanitized when creating the command line for javaw.exe. This allows the injection of...

Sun Java Web Start Unauthorized Access (102881) (Unix)

According to its version number, the Sun Java Runtime Environment JRE installed on the remote host reportedly may allow an untrusted application to elevate its privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Sun Java Web Start JNLP File Handling Overflow (102996) (Unix)

The Java Web Start utility distributed with the version of Sun Java Runtime Environment JRE installed on the remote host may be affected by a buffer overflow vulnerability. If an attacker can convince a user on the affected host to open a specially crafted JNLP file, it may be possible to execute...

Protection against Black Hole Toolkit v1.2.3 Java Array Exploits (CVE-2009-1671; CVE-2012-0507)

A buffer overflow vulnerability has been reported in Sun Java SE Runtime Environment...

Oracle Java Applet Rhino脚本引擎远程代码执行漏洞

Bugtraq ID: 50218 CVE ID：CVE-2011-3544 Sun Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Java处理Rhino JavaScript错误存在缺陷，Java中的内置javascript引擎没有对javascript错误对象执行充分过滤，结果导致不可信代码以特权上下文运行 Sun SDK Windows Production Release 1.4.2 24 Sun SDK Windows Production Release 1.4.2 15 Sun SDK Windows...

RHEL 4 : Sun Java Runtime in Satellite Server (RHSA-2009:1662)

Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Network Satellite Server 5.1. This update has been rated as having low security impact by the Red Hat Security Response Team. This update corrects several security vulnerabilities in the Sun Java...

Social-Engineer Toolkit v1.0 - Latest Version Download

The Social Engineer Toolkit SET has been updated to version 1.0! We wrote about the Social Engineer's Toolkit in our old post here. This release is called the Devolution Release. "The Social Engineering Toolkit SET is a python-driven suite of custom tools which solely focuses on attacking the hum...

Sun Java Runtime New Plugin docbase Buffer Overflow

This module exploits a flaw in the new plugin component of the Sun Java Runtime Environment before v6 Update 22. By specifying specific parameters to the new plugin, an attacker can cause a stack-based buffer overflow and execute arbitrary code. When the new plugin is invoked with a "launchjnlp"...

Sun Java Runtime New Plugin docbase Buffer Overflow

$Id: javadocbasebof.rb 10820 2010-10-25 20:22:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

Sun Java Web Start BasicServiceImpl Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious page. The specific flaw exists within the com.sun.jnlp.BasicServiceImpl class. By abusing how Web Start...

Sun Java Runtime Environment Abstract Windowing Toolkit Memory Corruption (CVE-2008-5359)

There exists a buffer overflow vulnerability in Sun Java Runtime Environment JRE. The vulnerability is caused due to improper checking of parameters passed to natively implemented class methods. A remote attacker may leverage this vulnerability to inject and execute arbitrary code on the target...

ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability

ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-057 April 5, 2010 -- CVE ID: CVE-2010-0849 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- Vulnerabilit...

Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the CMM module of the Sun JVM. This...

Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability

This vulnerability allows remote attackers to violate security policies on vulnerable installations of Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must run a malicious applet. The specific flaw allows malicious applets to connect to network...

Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime. User interaction is required in that a user must be coerced into executing a malicious java application via visiting a website. The specific flaw exists within the...

Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime. Authentication is not required to exploit this vulnerability. The specific flaw exists within the code responsible for ensuring proper privileged execution of methods. If an...

Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image...