Sdk Security Vulnerabilities and Issues — Sdk CVE List

Lucene search

SunSdk

20 matches found

CVE•added 2010/04/01 4:30 p.m.•104 views

CVE-2010-0848

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.03647EPSS

CVE•added 2010/04/01 4:30 p.m.•75 views

CVE-2010-0842

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March ...

7.5CVSS7.4AI score0.91327EPSS

CVE•added 2008/12/05 11:30 a.m.•74 views

CVE-2008-5348

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) vi...

7.1CVSS7.3AI score0.07346EPSS

CVE•added 2010/04/01 4:30 p.m.•74 views

CVE-2010-0847

7.5CVSS7.5AI score0.05186EPSS

CVE•added 2008/12/05 11:30 a.m.•70 views

CVE-2008-5351

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other application...

7.5CVSS7.6AI score0.03276EPSS

CVE•added 2010/04/01 4:30 p.m.•69 views

CVE-2010-0846

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

7.5CVSS7.5AI score0.09854EPSS

CVE•added 2008/12/05 11:30 a.m.•67 views

CVE-2008-5346

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file.

7.1CVSS7.2AI score0.03998EPSS

CVE•added 2010/04/01 4:30 p.m.•67 views

CVE-2010-0841

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU...

7.5CVSS7.5AI score0.10009EPSS

CVE•added 2008/12/05 11:30 a.m.•64 views

CVE-2008-5345

Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make...

7.5CVSS7.2AI score0.0488EPSS

CVE•added 2008/12/05 11:30 a.m.•63 views

CVE-2008-5344

Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors...

7.5CVSS7.2AI score0.01474EPSS

CVE•added 2010/04/01 4:30 p.m.•62 views

CVE-2010-0087

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.02519EPSS

CVE•added 2010/04/01 4:30 p.m.•61 views

CVE-2010-0850

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.01681EPSS

CVE•added 2010/04/01 4:30 p.m.•59 views

CVE-2010-0844

7.5CVSS6.9AI score0.06412EPSS

CVE•added 2010/04/01 4:30 p.m.•58 views

CVE-2010-0849

7.5CVSS7.3AI score0.0567EPSS

CVE•added 2010/04/01 4:30 p.m.•57 views

CVE-2010-0839

7.5CVSS6.8AI score0.03618EPSS

CVE•added 2010/04/01 4:30 p.m.•52 views

CVE-2010-0843

7.5CVSS7.3AI score0.10009EPSS

CVE•added 2005/11/16 7:42 a.m.•46 views

CVE-2005-3583

(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss.

7.8CVSS7.1AI score0.0094EPSS

CVE•added 2005/06/21 4:0 a.m.•44 views

CVE-2001-1480

Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.

7.5CVSS6.6AI score0.0054EPSS

CVE•added 2007/07/11 10:30 p.m.•42 views

CVE-2007-3698

The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.4.2_14, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handsha...

7.8CVSS6.2AI score0.16804EPSS

CVE•added 2003/04/02 5:0 a.m.•41 views

CVE-2002-0076

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, a...

7.5CVSS7.2AI score0.01144EPSS