Lucene search
K

7 matches found

CVE
CVE
added 2005/06/14 4:0 a.m.86 views

CVE-2005-1974

CVE-2005-1974 corresponds to an unspecified vulnerability in Java 2 Platform (J2SE) 5.0/5.0u1 and 1.4.2 up to 1.4.2_07, affecting multiple platforms including HP-UX and APC PowerChute, where an application can assign permissions to itself and escalate privileges. Connected sources tag this as a J...

5.1CVSS6.3AI score0.02437EPSS
CVE
CVE
added 2006/12/26 11:0 p.m.74 views

CVE-2006-6745

CVE-2006-6745 describes serialization-related flaws in Sun JDK/JRE 5.0 Update 7 and earlier, and Java SDK/JRE 1.4.2_12 and earlier 1.4.x, that could allow an untrusted Java applet or application to gain privileges. The connected advisories confirm these issues affect multiple IBM Java runtimes as...

9.3CVSS6.6AI score0.03058EPSS
CVE
CVE
added 2005/03/22 5:0 a.m.72 views

CVE-2005-0836

CVE-2005-0836 describes an argument injection in Sun Java Web Start/J2SE (Java Web Start for J2SE 1.4.2 up to 1.4.2_06) where the value parameter in a JNLP file’s property tag can be exploited to grant privileges to untrusted applications. This can bypass Java security restrictions and may lead t...

10CVSS6.7AI score0.02927EPSS
CVE
CVE
added 2005/06/14 4:0 a.m.72 views

CVE-2005-1973

CVE-2005-1973 affects Java Web Start in J2SE 5.0 and 5.0 Update 1, where applications can assign permissions to themselves and gain privileges. The connected documents corroborate this vulnerability and its privilege-escalation risk, but do not provide a patch version or explicit remediation steps.

5.1CVSS6.6AI score0.01568EPSS
CVE
CVE
added 2005/03/24 5:0 a.m.58 views

CVE-2005-0418

CVE-2005-0418 is an argument-injection vulnerability in Java Web Start for J2SE 1.4.2 (up to 1.4.2_06) on Mac OS X. The flaw allows an untrusted JNLP file to inject values via a property tag, enabling privilege escalation. Connected entries also reference CVE-2005-0836, which describes a related ...

7.5CVSS7AI score0.01453EPSS
CVE
CVE
added 2006/08/23 1:0 a.m.57 views

CVE-2006-4302

CVE-2006-4302 affects the Java Plug-in J2SE 1.3.0_02–5.0 Update 5, and Java Web Start 1.0–1.2 and J2SE 1.4.2–5.0 Update 5. Remote attackers could exploit vulnerabilities by specifying a JRE version that contains vulnerable components. The available documents do not provide concrete exploit detail...

5CVSS7AI score0.03946EPSS
CVE
CVE
added 2006/02/09 2:0 a.m.56 views

CVE-2006-0613

CVE-2006-0613 affects Java Web Start in J2SE 5.0 Update 5 and earlier. The vulnerability, with an unspecified root cause, could allow a remote attacker to obtain privileges via untrusted Java Web Start applications. The issue was addressed by upgrading to Java SE 5.0 Update 6 or later (or disabli...

4CVSS6.6AI score0.03224EPSS