Java Web Start Security Vulnerabilities and Issues — Java Web Start CVE List

Lucene search

SunJava Web Start

5 matches found

CVE•added 2007/09/20 9:17 p.m.•67 views

CVE-2007-5019

Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method.

10CVSS6.9AI score0.04053EPSS

CVE•added 2005/08/17 4:0 a.m.•55 views

CVE-2003-1229

X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which result...

7.5CVSS7.1AI score0.01592EPSS

CVE•added 2008/11/04 1:0 a.m.•44 views

CVE-2008-4910

The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method.

10CVSS7.2AI score0.03172EPSS

CVE•added 2006/08/23 1:4 a.m.•40 views

CVE-2006-4302

The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities.

5CVSS7AI score0.01217EPSS

CVE•added 2005/07/14 4:0 a.m.•39 views

CVE-2002-2005

Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors.

7.5CVSS7.1AI score0.00412EPSS