CVE-2009-3876

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted DER encoded data, which is not...

CVE-2009-3868

Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970...

CVE-2009-3876

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted DER encoded data, which is not...

EUVD-2009-3842

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...

CVE-2009-3877

CVE-2009-3877 affects Sun Java SE/JRE/JDK across multiple releases: JRE/JDK 5.0 before Update 22, JRE/JDK 6 before Update 17, and older 1.3.x before 1.3.1_27 and 1.4.x before 1.4.2_24. Root cause: the ASN.1 DER input stream parser fails to properly parse crafted HTTP headers, enabling a remote at...

CVE-2009-3873

The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968...

CVE-2009-3866

The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an...

EUVD-2009-3848

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted HTTP headers, which are not...

CVE-2009-3878

The CVE refers to a buffer overflow in Sun Java System Web Server 7.0 Update 6. The connected OpenVAS entries confirm Windows and Linux variants of a Sun Java System Web Server Buffer Overflow vulnerability (CPE: s sun java_system_web_server). The root cause is a buffer overflow in the server com...

CVE-2009-3865

CVE-2009-3865 affects Sun Java SE/JDK 6 with JRE before Update 17, specifically the Deployment Toolkit launch method in Sun Java Runtime Environment. The vulnerability allows remote code execution via a crafted web page, as indicated by Bug 6869752. The referenced sources describe the issue in th...

CVE-2009-3867

CVE-2009-3867 is a stack-based buffer overflow in Sun Java SE: HsbParser.getSoundBank that can allow remote code execution via a long file: URL argument. Affected are Sun JDK/JRE 5.0 before Update 22, JDK/JRE 6 before Update 17, SDK/JRE 1.3.x before 1.3.1_27, and SDK/JRE 1.4.x before 1.4.2_24. Ex...

CVE-2009-3876

CVE-2009-3876 affects Sun Java SE/JRE/JDK components. The vulnerability stems from the ASN.1 DER input stream parser failing to properly decode crafted DER-encoded data, allowing remote attackers to cause a denial of service via memory consumption. Affected products include Sun JRE/JDK 5.0 before...

CVE-2009-3868

CVE-2009-3868 affects Sun Java SE (JDK/JRE 5.0 before Update 22, JDK/JRE 6 before Update 17, SDK/JRE 1.3.x before 1.3.1_27, SDK/JRE 1.4.x before 1.4.2_24) and arises from improper parsing of color profiles. A crafted image file could allow remote attackers to gain privileges. The description spec...

CVE-2009-3872

CVE-2009-3872 affects Sun Java SE/J2SE/JDK/JRE JPEG JFIF Decoder. A vulnerability in the JPEG decoding path allows remote attackers to gain privileges via a crafted image file. Affected products/versions include Sun Java 5.0 before Update 22, Java 6 before Update 17, and older SDK/JRE 1.3.x befor...

CVE-2009-3873

CVE-2009-3873 is the OpenJDK/Sun JPEG Image Writer quantization vulnerability. The issue allows remote attackers to gain privileges by crafting a malicious image file. Affected products include Sun Java SE JDK/JRE 5.0 prior to Update 22, JDK/JRE 6 prior to Update 17, and SDK/JRE 1.4.x prior to 1....

CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted HTTP headers, which are not...

CVE-2009-3878

Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vdsjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is...

CVE-2009-3868

Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970...

CVE-2009-3872

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...

Immunity Canvas: SUN_JAVA_HSBPARSER

Name| sunjavahsbparser ---|--- CVE| CVE-2009-3867 Exploit Pack| CANVAS Description| sunjavahsbparser Notes| URL: http://seclists.org/bugtraq/2009/Nov/37 CVE Name: CVE-2009-3867 VENDOR: Sun CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-3867...