1772 matches found
CVE-2003-1123
Sun Java Runtime Environment JRE and SDK 1.4.001 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model...
CVE-2005-0471
CVE-2005-0471 affects Sun Java JRE 1.1.x through 1.4.x. The vulnerability arises when the Java runtime writes temporary files with long filenames that become predictable on file systems using 8.3 short names, enabling remote attackers to write arbitrary files to known locations and potentially ex...
CVE-2005-0471
Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that...
Sun Java Plugin may create temporary files with predictable names
Overview The Sun Java Plugin may allow remote users to create files with arbitrary content in a specific location. Description From the Sun Java Plugin page: Java Plug-in technology, included as part of the Java 2 Runtime Environment, Standard Edition JRE, establishes a connection between popular...
Sun Java JRE Plug-in Capability Arbitrary Package Access
The remote host is using a vulnerable version of Sun Java Runtime Plug-in, a web browser addon used to display Java applets. Two security issues have been reported in the remote version of this product: - An untrusted applet may escalate its privileges in order to read, write or execute files on...
Sun Java plugin sandbox protection bypass
It's possible to break sandbox protection and access local files and applications...
[SA13918] Sun Java Plug-In Two Vulnerabilities
TITLE: Sun Java Plug-In Two Vulnerabilities SECUNIA ADVISORY ID: SA13918 VERIFY ADVISORY: http://secunia.com/advisories/13918/ CRITICAL: Highly critical IMPACT: Security Bypass, System access WHERE: From remote SOFTWARE: Sun Java SDK 1.4.x http://secunia.com/product/1661/ Sun Java SDK 1.3.x...
CVE-2004-1350
Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6–3.6 SP4 contains multiple buffer overflows that allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests. The issue affects the proxy server’s handling of input in its network-facing compon...
CVE-2004-1350
Multiple buffer overflows in Sun Java System Web Proxy Server formerly Sun ONE Proxy Server 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests...
CVE-2004-2216
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service crash via a malformed client certificate...
[SA13497] Sun Java Messaging Server Webmail Script Insertion Vulnerability
TITLE: Sun Java Messaging Server Webmail Script Insertion Vulnerability SECUNIA ADVISORY ID: SA13497 VERIFY ADVISORY: http://secunia.com/advisories/13497/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Sun Java System Messaging Server 6.x...
[SA13437] Sun Java System Web Server / Application Server Session ID Disclosure
TITLE: Sun Java System Web Server / Application Server Session ID Disclosure SECUNIA ADVISORY ID: SA13437 VERIFY ADVISORY: http://secunia.com/advisories/13437/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Sun Java System Web Server Sun ONE/iPlanet...
CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using th...
CVE-2004-1029
The vulnerability CVE-2004-1029 affects Sun Java Plug-in in JRE 1.4.2_01, 1.4.2_04, and possibly earlier versions, where data transfer between JavaScript and Java applets fails to restrict access. The root cause is improper isolation that allows a remote attacker to use reflection to access priva...
iDEFENSE Security Advisory 11.22.04: Sun Java Plugin Arbitrary Package Access Vulnerability
Sun Java Plugin Arbitrary Package Access Vulnerability iDEFENSE Security Advisory 11.22.04 www.idefense.com/application/poi/display?id=158&type=vulnerabilities November 22, 2004 I. BACKGROUND Java Plug-in technology, included as part of the Java 2 Runtime Environment, Standard Edition JRE,...
Sun Java Plug-in fails to restrict access to private Java packages
Overview There is a vulnerability in the Sun Java Plug-in that could allow a malicious Java applet to bypass restrictions for untrusted applets. Description The Java Plug-in is part of the Java 2 Runtime Environment JRE and establishes a framework for displaying Java applets within a web browser...
[SA13036] Sun Java System Web Proxy Server Unspecified Buffer Overflow Vulnerabilities
TITLE: Sun Java System Web Proxy Server Unspecified Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA13036 VERIFY ADVISORY: http://secunia.com/advisories/13036/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: From remote SOFTWARE: Sun Java System Web Proxy Server 3.x...
Sun Java System Access Manager Version Detection
JSP information disclosure in Sun Java System application server