1772 matches found
Sun Java JRE Multiple Vulnerabilities (102729 / 102732) (Unix)
According to its version number, the Sun JRE installed on the remote host has two buffer overflow issues that may allow an untrusted applet to elevate its privileges to, for example, read or write local files or to execute local applications subject to the privileges of the user running the apple...
CVE-2012-3155
Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB...
CVE-2012-3155
Removed by vendor...
CVE-2012-3155
The CVE-2012-3155 entry concerns an unspecified DoS vulnerability in the CORBA ORB subcomponent affecting Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1/3.1.2, and Sun Java System Application Server 8.1/8.2. The flaw targets the CORBA ORB component and is described as allowi...
Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64
This update fixes several vulnerabilities in the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the 'Oracle Java SE and Java for Business Critical Patch Update Advisory' page. CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4451,...
Scientific Linux Security Update : java-1.6.0-sun on SL4.x, SL5.x i386/x86_64 (20120216)
This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page. CVE-2011-3563, CVE-2011-3571, CVE-2011-5035, CVE-2012-0498, CVE-2012-0499,...
Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (20120613)
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on th...
Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64
This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the 'Oracle Java SE Critical Patch Update Advisory' page CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863,...
Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64
CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-3873 OpenJDK JPEG Image Writer quantization problem 6862968 CVE-2009-3875 OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities 6863503 CVE-2009-3876 OpenJDK ASN.1/DER input stream parser denial of service 68649...
Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (BEAST)
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on th...
Critical: Red Hat Security Advisory: java-1.6.0-sun security update
Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Protection against Black Hole Toolkit v1.2.3 Java Array Exploits (CVE-2009-1671; CVE-2012-0507)
A buffer overflow vulnerability has been reported in Sun Java SE Runtime Environment...
Sun Java Web Start Plugin Command Line Argument Injection (2012)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Sun Java Web...
Sun Java Web Start Plugin - Command Line Argument Injection (2012) (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Sun Java Web...
Sun Java Web Start Plugin Command Line Argument Injection (2012)
Exploit for windows platform in category remote exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Sun Java Web Start Plugin Command Line Argument Injection
This module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. The arguments passed to Java Web Start are not properly validated, allowing injection of arbitrary arguments to the JVM. By utilizing the lesser known -J option, an attacker can take advantage of the...
Critical: Red Hat Security Advisory: java-1.6.0-sun security update
Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring...
Oracle Java Applet Rhino脚本引擎远程代码执行漏洞
Bugtraq ID: 50218 CVE ID:CVE-2011-3544 Sun Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Java处理Rhino JavaScript错误存在缺陷,Java中的内置javascript引擎没有对javascript错误对象执行充分过滤,结果导致不可信代码以特权上下文运行 Sun SDK Windows Production Release 1.4.2 24 Sun SDK Windows Production Release 1.4.2 15 Sun SDK Windows...
Sun Java Web Console BeginLogin.jsp redirect_url Parameter URI Redirection
The version of Sun Java Web Console running on the remote host may have a URI redirection vulnerability. An attacker could exploit this by tricking a user into requesting a specially crafted URL, which would redirect the user to an arbitrary website. This could result in further attacks e.g...
CVE-2011-3559
Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote attackers to affect availability via unknown vectors related to Web Container...