1772 matches found
Sun Java运行时环境图形解析堆溢出漏洞
BUGTRAQ ID: 28125 CVECAN ID: CVE-2008-1193 Solaris系统的Java运行时环境(JRE)为JAVA应用程序提供可靠的运行环境。 Java运行时环境的图形解析库中在解析畸形JPEG图形的ICC配置文件时存在堆溢出漏洞,以下是漏洞代码: Limit = SpGetUInt32 Buf; ... UInt16Ptr = KpUInt16t SpMalloc Limit KpInt32tsizeof UInt16Ptr; ... for Index = 0; Index Limit; Index++ UInt16Ptr++ = SpGetUInt16...
CVE-2008-1204
Multiple cross-site scripting XSS vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 Help and 2 Version windows...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 Help and 2 Version windows...
CVE-2008-1204
Multiple cross-site scripting XSS vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 Help and 2 Version windows...
CVE-2008-1204
CVE-2008-1204: XSS vulnerabilities in the Administration Console of Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script/HTML via unspecified vectors in the Help and Version windows. The NVD entry lists a base CVSS v2 score of 4.3 (Network attack v...
Untrusted applet and application XSLT processing privilege escalation
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
Untrusted applet and application privilege escalation (CVE-2008-1186)
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186,...
Design/Logic Flaw
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.216 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue....
Code injection
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
CVE-2008-1185
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186,...
CVE-2008-1186
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.216 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue....
CVE-2008-1187
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
DSquare Exploit Pack: D2SEC_JAVAWS
Name| d2secjavaws ---|--- CVE| CVE-2008-1190 Exploit Pack| D2ExploitPack Description| Sun Java Web Start Untrusted Application Vulnerability Notes|...
CVE-2008-1186
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.216 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue....
CVE-2008-1185
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186,...
CVE-2008-1187
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
Design/Logic Flaw
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186,...
CVE-2008-1186
CVE-2008-1186: Unspecified privilege-escalation in Sun JRE/JDK 5.0 Update 13 and earlier and J2SDK/JRE 1.4.2_16 and earlier, due to an untrusted application or applet. Remote attackers could gain privileges via such untrusted code. The provided connected documents confirm the vulnerability set in...
CVE-2008-1187
CVE-2008-1187 affects Sun Java Runtime Environment (JRE) and JDK family prior to several updates (J2SE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier). The vulnerability is described as unspecified, allowing remote attackers to cause a denial of service (JRE c...
CVE-2008-1185
CVE-2008-1185 refers to an unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK across multiple legacy versions: JRE/JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier. The description states that remote attackers could gain privileges via a...