5 matches found
CVE-2011-3544
CVE-2011-3544 is a vulnerability in the Java scripting engine where untrusted code (e.g., applets) could elevate privileges due to missing security manager checks. Affected: Oracle Java SE/JDK/JRE 6 and 7 up to update 27 and earlier. Impact reported as remote arbitrary code execution/elevation of...
CVE-2012-0507
CVE-2012-0507 affects Oracle Java SE/JRE (7u2 and earlier, 6u30 and earlier, 5.0u33 and earlier). Root cause: AtomicReferenceArray may not enforce Object[] type, enabling type confusion. Impacts include potential sandbox breach and JVM crash; remote code execution is discussed in related advisori...
CVE-2013-2465
CVE-2013-2465 is a Java 2D component vulnerability that can cause memory corruption and potential sandbox bypass/remote code execution. It affected Oracle Java SE up to JRE 7u21, JDK 6 up to 6u45, and OpenJDK 7, with 2D-related vectors noted in public disclosures. Several advisories (Debian DSA-2...
CVE-2013-4002
CVE-2013-4002 affects the Xerces2 Java XML parser. XMLScanner.java in Xerces2 Java Parser before 2.12.0 (as used in various JREs and Oracle/Jakarta distributions) could allow remote denial of service via vectors related to XML attribute names. IBM and other vendors document DoS impact on affected...
CVE-2012-1717
CVE-2012-1717 is an unspecified local confidentiality vulnerability in the Java Runtime Environment affecting Oracle JRE 7u4 and earlier, 6u32 and earlier, 5u35 and earlier, and 1.4.2_37 and earlier, related to printing on Solaris/Linux. Connected documents (including IBM BigInsights/InfoSphere a...