VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems. It is the underlying technology that powers...

Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability

This vulnerability allows remote attackers to violate security policies on vulnerable installations of Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must run a malicious applet. The specific flaw allows malicious applets to connect to network...

VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability

VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems. It is the underlying technology that powers...

Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime. User interaction is required in that a user must be coerced into executing a malicious java application via visiting a website. The specific flaw exists within the...

Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime. Authentication is not required to exploit this vulnerability. The specific flaw exists within the code responsible for ensuring proper privileged execution of methods. If an...

Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within a function responsible for...

Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image...

Sun Java System Web Server Remote Code Execution

!/usr/bin/perl aN0THER TiP OF THE iCE-B3RG ReMOTE eXPLoiT //Sun Microsystems Sun Java System Web Server //Broken One Target Remote Exploit for Sparc //by Kingcope and lsd //Bug Found by immunity/gleg CVE-2010-0361 May/2010 WORKS ONLY ON ADD YOUR TARGETS AS YOU WiSH KTHX SunOS unknown 5.10...

Sun Java System Web Server File Disclosure

sun-knockout.pl EXPLOiT CORRECTED, ADD AUTHEN+SSL SuPP0RT iF YOURE kRAD KTHX !/usr/bin/perl aNOTH3R TiP OF THE iCE-BERG ReMOTE eXPLoiT oO SUN MiCROSYSTEMZ - SUN JAVA SYSTEM WEB SERVER Oo oO REMOTE FiLE DiSCLOSURE EXPLOIT Oo oO BUG FOUND & EXPLOiTED BY KiNGCOPE // ISOWAREZ.DE Oo !! THIS EXPLOIT IS...

Oracle Sun Java fails to properly validate Java applet signatures

Overview Oracle Sun Java fails to properly validate Java applet signatures, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Signed Java applets have the ability to perform actions outside of the traditional Java sandbox, including...

Design/Logic Flaw

Cross-site scripting XSS vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site...

CVE-2010-1227

Cross-site scripting XSS vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site...

CVE-2010-1227

CVE-2010-1227 describes a cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 that allows remote attackers to inject arbitrary Web script or HTML via the subject field of a message, demonstrated by a subject containing an IMG element whose SRC attribute ...

CVE-2010-1227

Cross-site scripting XSS vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site...

Critical: Red Hat Security Advisory: java-1.6.0-sun security update

Updated java-1.6.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, whic...

Secunia Research: Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow

====================================================================== Secunia Research 31/03/2010 - Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow - ====================================================================== Table of Contents Affected...

Secunia Research: Sun Java JDK/JRE Soundbank Resource Parsing Buffer Overflow

====================================================================== Secunia Research 31/03/2010 - Sun Java JDK/JRE Soundbank Resource Parsing Buffer Overflow - ====================================================================== Table of Contents Affected...

Sun Java System Communications Express Multiple HTML Injection Vuln

Exploit for unknown platform in category web applications ============================================================================== Sun Java System Communications Express Multiple HTML Injection Vulnerabilities ============================================================================== As...

Sun Java Web Start JNLP java-vm-args Heap Buffer Overflow (CVE-2008-3111)

The Sun Java Web Start is a component of the Java 2 Runtime Environment JRE. It allows for the network deployment of Java applications. This component enables stand-alone Java applications to be downloaded from a remote network location and invoked on a target machine. There exists a heap buffer...

Sun Java System Directory Server LDAP Search Request DoS Vulnerability (Jan 2010)

Sun Java System Directory Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...