64 matches found
EUVD-2009-2667
Malware in sbrugna...
EUVD-2008-4889
Malware in sbrugna...
EUVD-2007-2430
Malware in sbrugna...
EUVD-2008-3104
Malware in sbrugna...
EUVD-2008-3102
Malware in sbrugna...
EUVD-2007-3488
Malware in sbrugna...
SUSE CVE-2008-3112
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909...
SUSE CVE-2008-3113
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077...
Privilege Escalation
Sun Java web start is vulnerable to privilege escalation. An integer overflow flaw was found in the way the JRE processes JPEG images. An untrusted application could use this flaw to extend its privileges, allowing it to read and write local files, as well as to execute local applications with th...
Sun Java Web Start 1.0/1.2 Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31916/info Sun Java Web Start is prone to a remote command-execution vulnerability. Successful exploits may allow attackers to execute arbitrary commands on an unsuspecting user's computer. This may aid in further attacks...
Sun Java Web Start Plugin Command Line Argument Injection
No description provided by source. $Id: javawsarginjectaltjvm.rb 10404 2010-09-21 00:13:30Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Sun Java Web Start dnsResolve ActiveX Buffer Overflow - Ver2 (CVE-2007-5019)
A buffer overflow vulnerability has been reported in numerous forms. The vulnerability is due to a boundary error in the Sun Java Web Start ActiveX control that fails to properly handle user supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute...
Sun Java Web Start Splashscreen GIF Decoding Buffer Overflow - Improved Performance (CVE-2008-2086)
The Sun Java Web Start is a component of the Java 2 Runtime Environment JRE. It allows for the network deployment of Java applications. This component enables stand-alone Java applications to be downloaded from a remote network location and invoked on a target machine. There exists a memory...
Sun Java Web Start Plugin Command Line Argument Injection (2012)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Sun Java Web...
Sun Java Web Start Plugin Command Line Argument Injection (2012)
Exploit for windows platform in category remote exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Sun Java Web Start Plugin Command Line Argument Injection
This module exploits a flaw in the Web Start plugin component of Sun Java Web Start. The arguments passed to Java Web Start are not properly validated. By passing the lesser known -J option, an attacker can pass arbitrary options directly to the Java runtime. By utilizing the -XXaltjvm option, as...
Sun Java Web Start Plugin - Command Line Argument Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Sun Java Web Start Plugin Command Line Argument Injection', 'Description' = %q This module exploits a flaw in the Web Start...