19 matches found
EUVD-2008-0869
Malware in sbrugna...
Access Restriction Bypass
java-openjdk is vulnerable to Access restriction bypass. Due to some flaws in the Java Virtual Machine JVM and in various Java class implementations, it allows an unsigned applet or application to bypass intended access restrictions...
USN-2817-1 icedtea-web vulnerabilities
It was discovered that IcedTea Web incorrectly handled applet URLs. A remote attacker could possibly use this issue to inject applets into the .appletTrustSettings configuration file and bypass user approval. CVE-2015-5234 Andrea Palazzo discovered that IcedTea Web incorrectly determined the orig...
IcedTea-Web Incorrectly Validates Unsigned Applet Vulnerability
IcedTea with an open source implementation to replace those non-open source parts of the OpenJDK , and for the current lack of platform portability OpenJDK to provide portability . IcedTea-Web fails to properly verify the origin of an unsigned applet, allowing remote attackers to build malicious...
Java Applet JMX remote code execution-vulnerability warning-the black bar safety net
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. require 'msf/core' require 'rex' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking...
Java Applet JMX Remote Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 false def initialize inf...
Java Applet JMX Remote Code Execution
This module abuses the JMX classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in February of 2013. Additionally, this module bypasses default security settings introduced in Java 7 Update 10 to run unsigned applet without displaying any warning t...
Oracle Java Unsigned Applet Applet2ClassLoader Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...
OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...
OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...
Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 (java-1.6.0-openjdk)
Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 java-1.6.0-openjdk Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 (java-1.6.0-openjdk)
Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 java-1.6.0-openjdk Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...
OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...
OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...
OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...
OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...
Privilege escalation applet, Java Media Framework
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Bugtraqqers, this is the proof-of-concept code for the vulnerability described in http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert2F54760 The code shows that there is more in this vulnerability than crash the vm, it allows to read and write...