Sun Java Applet Font.createFont Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17981/info Sun Java is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain Java applets. Successfully exploiting this issue will cause the application to create a...

Sun Java Virtual Machine 1.x Font.createFont Method Insecure Temporary File Creation Weakness

No description provided by source. source: http://www.securityfocus.com/bid/10685/info Sun Java Virtual Machine is a component of the Sun Java infrastructure that performs the handling of Java applets and other programs. It is available for Unix, Linux, and Microsoft platforms. Sun Java Virtual...

Sun Java System Communications Express 6.3 'UWCMain' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34155/info Sun Java System Communications Express is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. This issue is tracked by Sun Alert ID 258068. An attacker ma...

Sun Java System Calendar Server 6 'command.shtml' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34153/info Sun Java System Calendar Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script cod...

Sun Java System 6.x Messenger Express Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20832/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Sun Java Calendar Deserialization Exploit

No description provided by source. $Id: javacalendardeserialize.rb 10389 2010-09-20 04:38:13Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Sun Java Runtime Environment 1.3/1.4/1.5 Nested Array Objects Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18058/info The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions. This issue is reported to affect Java Runtime...

Sun Java System Calendar Server 6.3 Duplicate URI Request Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34150/info Sun Java System Calendar Server is prone to a denial-of-service vulnerability because it fails to handle certain duplicate URI requests. An attacker can exploit this issue to crash the Calendar Server, resultin...

Sun Java Web Start 1.0/1.2 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31916/info Sun Java Web Start is prone to a remote command-execution vulnerability. Successful exploits may allow attackers to execute arbitrary commands on an unsuspecting user's computer. This may aid in further attacks...

Sun Java Web Server 7.0 u7 Admin Interface DoS

No description provided by source. Sun Java Web Sever 7.0 u7 Admin Interface DOS Software Package sjsws-70u7-windows-i586.zip 4fb8d1fb700d5649234a2891a4ecedea While attempting to verify http://www.exploit-db.com/exploits/14194/ which was not verified, I stumbled across this semi amusing DOS:...

Sun Java System Web Server WebDAV OPTIONS Buffer Overflow

No description provided by source. $Id: sunjswsdavoptions.rb 9971 2010-08-07 06:59:16Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

Sun Java System Web Server 6.1/7.0 HTTP 'TRACE' Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37648/info Sun Java System Web Server is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to crash the affected application or to obtain potentially sensitive information that m...

Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28125/info Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to...

Sun Java Runtime Environment 1.4.2 - Font Parsing Remote Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25340/info The Sun Java Runtime Environment is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the user who invoked the Java applet...

Sun/Oracle GlassFish Server Authenticated Code Execution

No description provided by source. $Id: glassfishdeployer.rb 13485 2011-08-04 17:36:01Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Sun Java System Identity Manager 6.0/7.0/7.1 /idm/help/index.jsp helpUrl Variable Remote Frame Injection

No description provided by source. source: http://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site scripting issues, because it fails to adequately sanitize user-supplied...

Sun Java 1.x XML Document Nested Entity Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8666/info A problem has been identified in Sun Java when handling XML documents with specific constructs. Because of this, an attacker with the ability to cause the software to parse malicious XML documents may have the...

Sun Java Web Server 7.0 u7 - Exploit with DEP bypass

No description provided by source. Exploit Title: SJWSexv2 Date: 09/07/2010 Author: dmc Software Link: download link if available Version: 7.0 u7 Tested on: Windows XP SP3 - with and without DEP CVE : CVE-2010-0361 / Sun Java Web Server Exploit v2 Tested on: Sun Java Web Server 7.0 update 7 - XP...

Sun Java System Messenger Express 6.3-0.15 'error' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34140/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

Sun Java System Communications Express 6.3 'search.xml' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34154/info Sun Java System Communications Express is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...