Page 117 of 674 results (0.018 seconds)

CVSS: 4.3EPSS: 1%CPEs: 133EXPL: 0

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2010-0084. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 http://lists.apple.com/archives/security-announce/2010//May/msg00001.html http://lists.apple.com/archives/security-announce/2010//May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://marc.info/?l=bugtraq&m=127557596201693&w=2 •

CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0

Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, and CVE-2009-3877. Múltiples vulnerabilidades en el componente JRockit en BEA Product Suite R27.6.5 utilizado con JRE/JDK v1.4.2, v5, y v6 permite a atacantes remotos influir en la confidencialidad, la integridad y la disponibilidad a traves de vectores desconocidos. NOTA: Este identificador de vulnerabilidad se solapa con la vulnerabilidades CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, y CVE-2009-3877. • http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html http://www.us-cert.gov/cas/techalerts/TA10-012A.html •

CVSS: 7.5EPSS: 0%CPEs: 79EXPL: 0

Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657026. Múltiples vulnerabilidades no especificadas en la implementación Swing en Sun Java SE v5.0 anteriores a Update 22 y 6 anteriores a Update 17, y OpenJDK, tiene un impacto desconocido vectores de ataque remoto, relacionado con "debilidad de información en variables mutables" también conocidos como Bug ID 6657026. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html http://java.sun.com/javase/6/webnotes/6u17.html http://secunia.com/advisories/37386 http://security.gentoo.org/glsa/glsa-200911-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:084 https://bugzilla.redhat.com/show_bug.cgi?id=530175 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841 htt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 79EXPL: 0

Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138. Múltiples vulnerabilidades no especificadas en la funcionalidad Windows Pluggable Look and Feel (PL&F) de la implementación de Swing en Sun Java SE 5.0 antes de Update 22, Sun Java SE 6.0 antes de la actualización 17, y OpenJDK, tienen un impacto desconocido y vectores de ataque remotos, relacionados con "fugas de información en variables mutables". Se trata del Bug ID 6657138. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html http://java.sun.com/javase/6/webnotes/6u17.html http://secunia.com/advisories/37386 http://security.gentoo.org/glsa/glsa-200911-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:084 https://bugzilla.redhat.com/show_bug.cgi?id=530175 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968 ht • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 1%CPEs: 339EXPL: 0

Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970. Sun Java SE en JDK y JRE 5.0 anteriores a Update 22, JDK y JRE 6 anteriores a Update 17, SDK y JRE v1.3.x anteriores a v1.3.1_27, y SDK y JRE v1.4.x anteriores a v1.4.2_24 no analiza adecuadamente el perfil color, lo que permite a los atacantes remotos obtener privilegios a través de un archivo de imagen manipulado también conocido como Bud Id 6862970. • http://java.sun.com/javase/6/webnotes/6u17.html http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html http://marc.info/?l=bugtraq&m=126566824131534&w=2 http://marc.info/?l=bugtraq&m=131593453929393&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/37231 http://secunia.co • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •