BMP image parser vulnerability

The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...

Sun Java Web Start dnsResolve ActiveX Buffer Overflow (CVE-2007-5019)

Microsoft SQL Server is a Relational Database Management System RDBMS that can be managed through Distributed Management Objects DMO. A remote attacker can exploit this issue to execute arbitrary code on vulnerable server...

Sun Java JRE / JDK multiple security vulnerabilities

Multiple sandbox restriction bypass vulnerabilities...

CVE-2007-5689

The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...

Design/Logic Flaw

The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...

CVE-2007-5689

The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...

CVE-2007-5689

The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...

CVE-2003-1521

CVE-2003-1521 affects Sun Java Plug-In 1.4–1.4.2_02. The issue enables remote attackers to repeatedly access the floppy drive via createXmlDocument in the org.apache.crimson.tree.XmlDocument class, violating the Java security model. The connected Red Hat and CVE records confirm the same descripti...

CVE-2003-1521

Sun Java Plug-In 1.4 through 1.4.202 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model...

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-4525)

The Sun JAVA JDK 1.6.0 was upgraded to release 3 to fix various bugs, including the following security bugs : http://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1 CVE-2007-5232: Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and...

openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-4527)

The Sun JAVA JDK 1.5.0 was upgraded to release 13 to fix various bugs, including the following security bugs : http://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1 CVE-2007-5232: Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and...

openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-4536)

The Sun JAVA JDK 1.4.2 was upgraded to release 16 to fix various bugs, including the following security bugs : http://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1 CVE-2007-5232: Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and...

openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-3843)

The Sun JAVA JDK 1.4.2 was upgraded to release 15 to fix various bugs, including the following security bugs : CVE-2007-2788 / CVE-2007-3004: Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit JDK, allows remote attackers to execute arbitrary code or cause a...

openSUSE 10 Security Update : java-1_4_2-sun-demo (java-1_4_2-sun-demo-2469)

The SUN Java packages have been upgraded to 1.4.2 update 13 and 1.5.0 update 10 to fix various security problems, this update contains the missing packages that were left out for 10.2. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-2427)

The SUN Java packages have been upgraded to 1.5.010 to fix various security problems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update java-150-sun-2427. The text description of this plugin is ...

openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-2425)

The SUN Java packages have been upgraded to 1.4.2 update 13 to fix various security problems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update java-142-sun-2425. The text description of this...

Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition

The Java Secure Socket Extension JSSE in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.211 through 1.4.214, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service CPU consumption via certain SSL/TLS handshake...

BMP image parser vulnerability

The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...

CVE-2007-5375

Interpretation conflict in the Sun Java Virtual Machine JVM allows user-assisted remote attackers to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "mayscript=true" Java applet...

Hardcoded credentials

Interpretation conflict in the Sun Java Virtual Machine JVM allows user-assisted remote attackers to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "mayscript=true" Java applet...