Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...

Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...

Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...

Sun Java Web Start Plugin Command Line Argument Injection

This module exploits a flaw in the Web Start plugin component of Sun Java Web Start. The arguments passed to Java Web Start are not properly validated. By passing the lesser known -J option, an attacker can pass arbitrary options directly to the Java runtime. By utilizing the -XXaltjvm option, as...

Sun Java System Web Server Multiple Vulnerabilities

This host has Sun Java Web Server running which is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservmultvuln.nasl 6637 2017-07-10 09:58:13Z teissa $ Sun Java System Web Server Multiple Vulnerabilities Authors: Michael Meyer Copyright: Copyright c 2010 Greenbon...

Sun Java Web Start Plugin - Command Line Argument Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Sun Java Web Start Plugin Command Line Argument Injection', 'Description' = %q This module exploits a flaw in the Web Start...

Sun Java Web Start JNLP java-vm-args Heap Buffer Overflow (CVE-2008-3111)

The Sun Java Web Start is a component of the Java 2 Runtime Environment JRE. It allows for the network deployment of Java applications. This component enables stand-alone Java applications to be downloaded from a remote network location and invoked on a target machine. There exists a heap buffer...

Sun Java Web Start Splashscreen PNG Processing Buffer Overflow (CVE-2009-1097)

The Sun Java Web Start is a component of the Java 2 Runtime Environment JRE. It facilitates network deployment of applications developed with the Java programming language. This component enables stand-alone Java applications to be downloaded from a remote network location and run on a target...

Sun Java Web Start Splashscreen GIF Decoding Buffer Overflow (CVE-2008-2086)

The Sun Java Web Start is a component of the Java 2 Runtime Environment JRE. It allows for the network deployment of Java applications. This component enables stand-alone Java applications to be downloaded from a remote network location and invoked on a target machine. There exists a memory...

Sun Java Web Start JNLP vm args Stack Overflow (CVE-2008-3111)

The Sun Java Web Start is a component of the Java 2 Runtime Environment JRE. It allows for the network deployment of Java applications. This component enables stand-alone Java applications to be downloaded from a remote network location and invoked on a target machine. There exists a stack buffer...

CVE-2009-2674

Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a...

Sun Java Web Console Multiple XSS Vulnerabilities

The host is running Java Web Console and is prone to Multiple Cross-Site Scripting Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavawebconsolexssvuln.nasl 4892 2016-12-30 15:39:07Z teissa $ Sun Java Web Console Multiple XSS Vulnerabilities Authors: Sharath S Copyright: Copyright c 2009...

Sun Java Web Console 3.0.2 - 3.0.5 Multiple XSS Vulnerabilities

Java Web Console is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sun Java Web Console helpwindow.jsp / masthead.jsp Multiple XSS

The version of Sun Java Web Console running on the remote host has multiple cross-site scripting vulnerabilities in 'helpwindow.jsp' and 'masthead.jsp'. A remote attacker could exploit these to trick a user into executing arbitrary HTML or script code in the context of the web server. %NASLMINLEV...

CVE-2009-2283

Multiple cross-site scripting XSS vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2283

CVE-2009-2283 : The Sun Java Web Console 3.0.2–3.0.5 (Sun Solaris 10) contains multiple XSS vulnerabilities in the help jsp scripts (e.g., helpwindow.jsp, masthead.jsp). An attacker could inject arbitrary HTML/script in the user’s browser session. The vectors are not specified in the provided doc...

CVE-2009-2283

Multiple cross-site scripting XSS vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Solaris Update for Sun Java Web Console (Lockhart) 121211-02

Check for the Version of Sun Java Web Console Lockhart OpenVAS Vulnerability Test Solaris Update for Sun Java Web Console Lockhart 121211-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Solaris Update for Sun Java Web Console (Lockhart) 121212-02

Check for the Version of Sun Java Web Console Lockhart OpenVAS Vulnerability Test Solaris Update for Sun Java Web Console Lockhart 121212-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...