Jre@1.3.1 18 Security Vulnerabilities and Issues — Jre@1.3.1 18 CVE List

Lucene search

SunJre1.3.1 18

49 matches found

cve•added 2010/04/01 4:30 p.m.•104 views

CVE-2010-0848

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.03647EPSS

cve•added 2009/11/05 4:30 p.m.•103 views

CVE-2009-3869

Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote at...

9.3CVSS7.8AI score0.78483EPSS

cve•added 2009/03/25 11:30 p.m.•101 views

CVE-2009-1098

Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998.

9.3CVSS7.8AI score0.14591EPSS

cve•added 2009/11/05 4:30 p.m.•96 views

CVE-2009-3876

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not...

5CVSS6.2AI score0.10466EPSS

cve•added 2009/03/25 11:30 p.m.•94 views

CVE-2009-1094

Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown ve...

10CVSS7.6AI score0.06268EPSS

cve•added 2008/12/05 11:30 a.m.•93 views

CVE-2008-5360

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unkn...

6.4CVSS7.5AI score0.02786EPSS

cve•added 2010/10/19 10:0 p.m.•92 views

CVE-2010-3571

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2...

10CVSS7.5AI score0.14119EPSS

cve•added 2009/03/25 11:30 p.m.•90 views

CVE-2009-1093

LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to ca...

5CVSS7.1AI score0.09448EPSS

cve•added 2009/11/05 4:30 p.m.•90 views

CVE-2009-3877

5CVSS6.2AI score0.08574EPSS

cve•added 2009/11/05 4:30 p.m.•89 views

CVE-2009-3873

The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.

9.3CVSS6.5AI score0.11365EPSS

cve•added 2010/10/19 10:0 p.m.•88 views

CVE-2010-3556

10CVSS6.8AI score0.1145EPSS

cve•added 2009/11/05 4:30 p.m.•87 views

CVE-2009-3868

Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.

9.3CVSS6.3AI score0.14549EPSS

cve•added 2009/11/05 4:30 p.m.•87 views

CVE-2009-3875

The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possi...

5CVSS6.3AI score0.02476EPSS

cve•added 2010/10/19 10:0 p.m.•86 views

CVE-2010-3562

10CVSS7.9AI score0.15526EPSS

cve•added 2009/11/05 4:30 p.m.•84 views

CVE-2009-3874

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file ...

9.3CVSS7.8AI score0.06624EPSS

cve•added 2009/11/05 4:30 p.m.•82 views

CVE-2009-3871

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote ...

9.3CVSS7.9AI score0.09429EPSS

cve•added 2010/10/19 10:0 p.m.•81 views

CVE-2010-3574

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the O...

10CVSS7.3AI score0.08474EPSS

cve•added 2009/11/05 4:30 p.m.•80 views

CVE-2009-3867

Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in a...

9.3CVSS7.7AI score0.89161EPSS

cve•added 2010/10/19 10:0 p.m.•80 views

CVE-2010-3549

6.8CVSS7.2AI score0.05715EPSS

cve•added 2008/12/05 11:30 a.m.•77 views

CVE-2008-5357

Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, whic...

9.3CVSS8AI score0.05763EPSS

cve•added 2010/10/19 10:0 p.m.•77 views

CVE-2010-3559

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS7.5AI score0.1366EPSS

cve•added 2008/07/09 11:41 p.m.•76 views

CVE-2008-3108

Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.

10CVSS8.8AI score0.10642EPSS

cve•added 2010/04/01 4:30 p.m.•75 views

CVE-2010-0842

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March ...

7.5CVSS7.4AI score0.91327EPSS

cve•added 2010/10/19 10:0 p.m.•75 views

CVE-2010-3541

5.1CVSS7.3AI score0.01328EPSS

cve•added 2010/04/01 4:30 p.m.•74 views

CVE-2010-0847

7.5CVSS7.5AI score0.05186EPSS

cve•added 2008/12/05 11:30 a.m.•73 views

CVE-2008-5359

Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in t...

9.3CVSS8AI score0.24847EPSS

cve•added 2009/11/05 4:30 p.m.•73 views

CVE-2009-3872

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.

9.3CVSS6.2AI score0.13016EPSS

cve•added 2007/05/22 12:30 a.m.•72 views

CVE-2007-2789

The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux syst...

4.3CVSS6.2AI score0.05299EPSS

cve•added 2010/10/19 10:0 p.m.•72 views

CVE-2010-3557

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

6.8CVSS7.2AI score0.05715EPSS

cve•added 2010/04/01 4:30 p.m.•71 views

CVE-2010-0082

Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1CVSS6.8AI score0.03647EPSS

cve•added 2010/10/19 10:0 p.m.•71 views

CVE-2010-3572

10CVSS6.8AI score0.1145EPSS

cve•added 2010/04/01 4:30 p.m.•69 views

CVE-2010-0088

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-...

6.8CVSS7AI score0.03647EPSS

cve•added 2010/04/01 4:30 p.m.•69 views

CVE-2010-0846

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

7.5CVSS7.5AI score0.09854EPSS

cve•added 2010/04/01 4:30 p.m.•68 views

CVE-2010-0085

5.1CVSS7AI score0.03647EPSS

cve•added 2010/10/19 10:0 p.m.•68 views

CVE-2010-3554

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS7.1AI score0.06885EPSS

cve•added 2008/12/05 11:30 a.m.•67 views

CVE-2008-5346

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file.

7.1CVSS7.2AI score0.03998EPSS

cve•added 2010/10/19 10:0 p.m.•66 views

CVE-2010-3553

10CVSS7.2AI score0.10973EPSS

cve•added 2006/10/10 4:6 a.m.•64 views

CVE-2006-5201

Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponen...

4CVSS7.4AI score0.03819EPSS

cve•added 2006/12/26 11:28 p.m.•64 views

CVE-2006-6737

Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in o...

4.3CVSS6AI score0.0136EPSS

cve•added 2008/12/05 11:30 a.m.•64 views

CVE-2008-5345

Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make...

7.5CVSS7.2AI score0.0488EPSS

cve•added 2010/04/01 4:30 p.m.•62 views

CVE-2010-0087

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.02519EPSS

cve•added 2010/04/01 4:30 p.m.•61 views

CVE-2010-0850

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.01681EPSS

cve•added 2010/04/01 4:30 p.m.•59 views

CVE-2010-0844

7.5CVSS6.9AI score0.06412EPSS

cve•added 2010/04/01 4:30 p.m.•58 views

CVE-2010-0849

7.5CVSS7.3AI score0.0567EPSS

cve•added 2010/04/01 4:30 p.m.•57 views

CVE-2010-0839

7.5CVSS6.8AI score0.03618EPSS

cve•added 2006/12/26 11:28 p.m.•55 views

CVE-2006-6736

Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in o...

4.3CVSS6AI score0.0136EPSS

cve•added 2007/05/22 12:30 a.m.•51 views

CVE-2007-2788

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and ear...

6.8CVSS7.7AI score0.53676EPSS

cve•added 2006/12/26 11:28 p.m.•49 views

CVE-2006-6731

Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or e...

9.3CVSS6.8AI score0.05848EPSS

cve•added 2008/03/06 9:44 p.m.•45 views

CVE-2008-1192

Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors.

6.8CVSS8.4AI score0.14809EPSS