CVE-2013-0424
CVE-2013-0424 is an unspecified vulnerability in the Java Runtime Environment (JRE) component affecting Oracle Java SE 7 up to Update 11, 6 up to Update 38, 5.0 up to Update 38, and 1.4.2_40 and earlier, plus OpenJDK 7. The issue relates to RMI and could allow remote attackers to affect integrity...
CVE-2012-0551
Technical details for CVE-2012-0551 are not publicly available in the provided documents; no affected products, root cause, impact, or fixes are described here. Monitor for updates.
CVE-2013-0809
CVE-2013-0809 is an integer overflow vulnerability in the 2D ImagingLib component of Oracle Java (paired with CVE-2013-1493). Exploitation could allow a remote attacker to achieve arbitrary code execution by enticing a user to visit a malicious page; affected are Java releases up to Oracle JDK/JR...
CVE-2013-2429
CVE-2013-2429 is an unspecified vulnerability in the Java Runtime Environment’s ImageIO component, affecting Oracle Java SE 7u17 and earlier, Java SE 6u43 and earlier, Java SE 5.0u41 and earlier, and OpenJDK 6/7. It allows remote attackers to compromise confidentiality, integrity, and availabilit...
CVE-2012-1533
CVE-2012-1533 is an unspecified vulnerability in the JRE components shipped with Java SE 7u7 and earlier and Java SE 6u35 and earlier, allowing remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. In IBM Rational Functional Tester cont...
CVE-2013-1493
CVE-2013-1493 affects Oracle Java SE 7 (and older Java 6/5 branches) where the 2D color management (CMM) component can be triggered via crafted image raster parameters, causing an out-of-bounds read or memory corruption in the JVM and enabling remote code execution or crash. Exploitation in the w...
CVE-2013-2383
CVE-2013-2383 is a glyph-table vulnerability in the ICU library (ICU component). Debian advisories (DSA-3187-1 / DLA-219-1) enumerate CVE-2013-2383 among related ICU issues and note fixes: for the Debian Wheezy (stable) release, ICU was fixed in version 4.8.1.1-12+deb7u2, and future (Jessie/sid) ...
CVE-2013-2419
CVE-2013-2419 relates to the ICU library and is labeled as a font processing issue. The connected Debian advisories show it among several ICU CVEs and indicate fixes in ICU package updates: for Debian Wheezy (stable) in icu 4.8.1.1-12+deb7u2, and for Jessie/sid in icu 52.1-7.1. The DLA-219-1 and ...
CVE-2013-0440
CVE-2013-0440 is an unspecified vulnerability in the Java Runtime Environment affecting availability via JSSE. It impacts Oracle Java SE 7 (up to 11), 6 (up to 38), 5.0 (up to 38), and 1.4.2_40 and earlier, as well as OpenJDK 7. The issue is tied to the February 2013 CPU and has been referenced a...
CVE-2013-1478
CVE-2013-1478 is an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE 7 up to Update 11, OpenJDK 6/7, and older JREs, with vectors related to 2D. Disclosures describe an issue where an attacker could craft a harmful java.awt.image.Raster object to trigger me...
CVE-2013-2384
CVE-2013-2384 is a font layout issue in the International Components for Unicode (ICU) library. Connected advisories indicate the problem affected ICU components as shipped in Linux distributions (e.g., icu in Debian stable/wheezy and in newer Debian releases). The Debian security entries list CV...
CVE-2012-5081
CVE-2012-5081 is an unspecified vulnerability in the Java Runtime Environment (JRE) JSSE component, linked to remote unavailability impacts. The F5 advisory maps this CVE to Oracle Java SE 7/6/5 and OpenJDK 1.4.x-era releases, stating that affected BIG-IP/ARX/EM products may be vulnerable and rec...
CVE-2013-1569
CVE-2013-1569 is a glyph table issue in the ICU library (Unicode components). Connected sources confirm ICU-related fixes across Debian and Gentoo advisories, with CVE-2013-1569 listed alongside other ICU CVEs. Debian DSA-3187-1/DSA-3187-1:B06DD note the issue in icu across multiple releases;...
CVE-2013-1571
CVE-2013-1571 is a frame-injection vulnerability in Javadoc-generated HTML that can enable clickjacking. It is documented across multiple IBM advisories (InfoSphere MashupHub, Prerequisite Scanner, Streams, Guardium Data Redaction, Tivoli Monitoring, etc.) and IBM notes the Java documentation may...
CVE-2013-0425
CVE-2013-0425 is documented in IBM security flash entries for IBM Java/JRE components embedded in IBM Tivoli products (e.g., IBM Tivoli System Automation for Integrated Operations Management and IBM Smart Analytics System). The vulnerability relates to the java.util.Logger and logging infrastruct...
CVE-2013-0441
CVE-2013-0441 is observed in IBM-referenced advisories as one of multiple Java Runtime Environment vulnerabilities affecting IBM Tivoli products (embedded JRE). The connected IBM entries describe CVE-2013-0441 as part of a family of JRE flaws (including CORBA/serialization related issues) in IBM ...
CVE-2013-1475
CVE-2013-1475 is an IBM-referenced vulnerability describing an I/O/serialization cache collision in ObjectStreamClass: when two classes share the same serialPersistentFields, a type-confusion risk arises. IBM documents tie this to CORBA-related Java runtimes and note an affected IBM product stack...
CVE-2013-0443
CVE-2013-0443 is an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE 7 up to Update 11, Java SE 6 up to Update 38, Java SE 5.0 up to Update 38, and OpenJDK 6/7. The issue allows remote attackers to affect confidentiality and integrity via vectors related to...
CVE-2013-2473
CVE-2013-2473 is described as an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE 7u21 and earlier, 6u45 and earlier, 5.0u45 and earlier, and OpenJDK 7, with an attack vector related to the 2D component and potential Java sandbox bypass. IBM documentation l...
CVE-2013-2463
CVE-2013-2463 affects the 2D component (ImagingLib) of Oracle/OpenJDK Java runtimes. Connected advisories describe memory corruption risks in ImagingLib.lookupByteBI and related 2D processing, potentially exploitable by untrusted Java applications/APIs. Affected packages include OpenJDK/OpenJDK-d...
CVE-2013-2470
CVE-2013-2470 affects Oracle Java SE (7u21 and earlier, 6u45 and earlier, 5.0u45 and earlier) and OpenJDK 7. The flaw is a memory corruption/heap-buffer overflow in the 2D ImagingLib.lookupByteBI path, enabling a remote attacker to execute arbitrary code or potentially terminate the JVM. Public a...
CVE-2011-3547
CVE-2011-3547 is an unspecified vulnerability in the Java Runtime Environment component of Oracle Java SE JDK/JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier. It allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidenti...
CVE-2013-0432
CVE-2013-0432 affects the Java Runtime Environment (JRE) component in Oracle Java SE 7 (through Update 11) and OpenJDK 6/7. The issue is described as an unspecified vulnerability related to AWT that allows remote attackers to affect confidentiality and integrity. The provided connected documents ...
CVE-2013-0434
CVE-2013-0434 is a disclosed vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE 7 up to Update 11, OpenJDK 6/7, and related JAXP components. The issue is described as an unspecified confidentiality impact via JAXP vectors, with a note that claims relate to the loadProper...
CVE-2013-0442
CVE-2013-0442 affects the Java Runtime Environment (Oracle Java SE 7u11, 6u38, 5.0u38 and earlier; OpenJDK 6/7) with an unspecified vulnerability in the JRE related to AWT that could allow remote attackers to compromise confidentiality, integrity and availability. The MiracleLinux and other Nessu...
CVE-2012-1713
CVE-2012-1713 is described as an unspecified vulnerability in the Java Runtime Environment (JRE) component affecting Oracle Java SE 7u4 and earlier, 6u32 and earlier, 5u35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier, enabling remote attackers to affect confidentiality, integrity...
CVE-2013-2417
CVE-2013-2417 is listed in MiracleLinux AXSA advisories for OpenJDK/JRE components in Oracle Java SE 7u17 and earlier (and 6u43/5.0u41 and earlier) with unspecified vectors affecting availability via Networking. The MiracleLinux AXSA-2013-427/428 and related Nessus entries enumerate CVE-2013-2417...
CVE-2013-2453
CVE-2013-2453 is documented in the MiracleLinux AXSA-2013-553:03 advisory and in Oracle's JRE CPU notes as an unspecified vulnerability in the Java Runtime Environment related to JMX. The MiracleLinux block confirms the issue affects OpenJDK/OpenJRE lines and mirrors the description that the vuln...
CVE-2012-0547
CVE-2012-0547 is a Java SE/JRE issue affecting Oracle JRE 7u6 and earlier and 6u34 and earlier. The vulnerability is described as a security-in-depth, AWT-related issue that is not directly exploitable on its own, but can aggravate vulnerabilities that are exploitable when combined with others. A...
CVE-2013-1500
CVE-2013-1500 is described in multiple IBM advisories as an unspecified vulnerability in the Java Runtime Environment (JRE) 2D component that can affect confidentiality and integrity, primarily via local vectors. MiracleLinux/OpenJDK/Oracle Java references (CVE-2013-1500) indicate affected platfo...
CVE-2013-2420
CVE-2013-2420 is an integer overflow in sun.awt.image.ImageRepresentation.setPixels in Oracle Java SE 7/6 (and OpenJDK 6/7) related to image/raster dimension validation in the 2D component. A remote attacker could exploit this via a crafted image/page to achieve arbitrary code execution, affectin...
CVE-2013-2407
CVE-2013-2407 is an unspecified vulnerability in the Java Runtime Environment Libraries component affecting Oracle JRE 7u21 and earlier, OpenJDK 7, and related OpenJDK/JRE builds, described as allowing remote attackers to affect confidentiality and availability via unknown vectors. MiracleLinux A...
CVE-2013-2464
CVE-2013-2464 is described as an unspecified vulnerability in the Oracle Java SE JRE with potential impact to confidentiality, integrity, and availability via unknown vectors related to 2D. Connected documents provide concrete details for related CVEs (2463, 2465, 2470, 2471, 2472, 2473) indicati...
CVE-2013-5780
CVE-2013-5780 is described as an unspecified vulnerability in Oracle Java/JVM libraries affecting confidentiality (partial) and is rated CVSS 4.3 (NVD). IBM advisories reiterate that the IBM SDK/JAVA components (versions 5, 6, 7) are affected and provide remediation by upgrading to newer IBM JRE/...
CVE-2012-1725
CVE-2012-1725 is described as an unspecified vulnerability in the Java Runtime Environment (JRE) related to Hotspot, affecting confidentiality, integrity, and availability. Connected advisories show this CVE being addressed in Java components across multiple distributions (including OpenJDK/OpenJ...
CVE-2012-3216
CVE-2012-3216 is an unspecified vulnerability in the Java Runtime Environment (JRE) component, described as affecting Libraries and allowing remote attackers to affect confidentiality via unknown vectors. Connected advisories show this CVE being addressed by vendor JRE patches in multiple product...
CVE-2013-2424
CVE-2013-2424 is shown in MiracleLinux advisory AXSA-2013-427/AXSA-2013-428 as an unspecified vulnerability in the Java Runtime Environment (JRE) component that affects OpenJDK/JRE within MiracleLinux OpenJDK deployments. The issue is described as enabling remote attackers to affect confidentiali...
CVE-2013-1480
CVE-2013-1480 is an input-related, memory-corruption risk in the Java Runtime Environment (JRE) / OpenJDK when processing AWT raster data. The vulnerability is described as an unspecified issue in JRE/AWT that can be exploited remotely to affect confidentiality, integrity, and availability via AW...
CVE-2013-2443
CVE-2013-2443 is documented across connected IBM security bulletins as a Java JRE vulnerability (Libraries component) with confidentiality/integrity impact and unknown attack vectors. IBM remediation guidance centers on applying the provided fixes in the affected IBM products (e.g., WebSphere/ODM...
CVE-2012-1718
CVE-2012-1718 is an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE up to certain older builds (7u4 and earlier, 6u32 and earlier, 5u35 and earlier, and 1.4.2_37 and earlier) that could allow remote attackers to affect availability via unknown vectors rela...
CVE-2013-0428
CVE-2013-0428 is reported for IBM’s embedded JRE in IBM TADDM (Tivoli Application Dependency Discovery Manager) 7.2.x. The connected IBM bulletin describes the flaw as: in the java.lang.reflect package, package access permission checks may fail under certain conditions, enabling reflective proxie...
CVE-2013-2412
CVE-2013-2412 is an unspecified vulnerability in the Java Runtime Environment (JRE) Serviceability area that Oracle/OpenJDK-related CPUs list as allowing remote/confidentiality impact via unknown vectors. In connected documents, MiracleLinux AXSA-2013-553:03 documents CVE-2013-2412 as one of mult...
CVE-2013-2430
CVE-2013-2430 is a Java Runtime Environment (JRE) vulnerability affecting confidentiality, integrity, and availability via unknown vectors related to ImageIO in Oracle Java SE 7u17 and earlier, 6u43 and earlier, 5.0u41 and earlier, JavaFX 2.2.7 and earlier, and OpenJDK 6/7. Connected advisories c...
CVE-2013-2459
The provided connected documents confirm concrete details for CVE-2013-2459 and related Java JRE/OpenJDK vulnerabilities in IBM/MiracleLinux advisories (June 2013 CPU era). MiracleLinux AXSA entries list numerous CVEs (e.g., CVE-2013-1500, CVE-2013-1571, CVE-2013-2444 to CVE-2013-2473, including ...
CVE-2013-2471
CVE-2013-2471 is a remote-code-execution type vulnerability in the Java 2D/AWT stack affecting Oracle JRE/JDK and OpenJDK (across 6 and 7 lines) identified by multiple advisories. The issue is described as memory corruption in the 2D component related to IntegerComponentRaster size checks, with p...
CVE-2013-2444
CVE-2013-2444 is listed in MiracleLinux AXSA advisories as an unspecified vulnerability in the Java Runtime Environment, with the description noting an issue in the JRE related to resources handling in AWT that could affect availability (potential font processing/temporary files). The MiracleLinu...
CVE-2013-2447
CVE-2013-2447 is listed in MiracleLinux advisories as an unspecified vulnerability in the Java Runtime Environment (JRE) component affecting OpenJDK builds. The affected products are MiracleLinux 3 (java-1.6.0-openjdk) and MiracleLinux 4 (java-1.7.0-openjdk). The description notes remote ...
CVE-2013-2469
CVE-2013-2469 is a Java Runtime Environment (JRE) vulnerability reported across IBM advisories related to IBM Java SDK shipped with Tivoli/TPC, WebSphere Real Time, and ITM components. The issue affects JREs included in Oracle Java SE 7u21 and earlier, 6u45 and earlier, 5.0u45 and earlier, and Op...
CVE-2013-2472
CVE-2013-2472 is an unspecified vulnerability in the JRE component of Oracle Java SE up to 7u21, 6u45, 5.0u45 and OpenJDK 7, with unknown vectors related to 2D. It is described as potentially bypassing the Java sandbox, impacting confidentiality, integrity, and availability. No public remediation...
CVE-2013-1557
CVE-2013-1557 is described in multiple advisories as an unspecified vulnerability in the Java Runtime Environment (JRE) related to RMI, potentially allowing a remote attacker to affect confidentiality, integrity, and availability. Connected sources (including MiracleLinux AXSA advisories and IBM ...