Page 128 of 674 results (0.013 seconds)

CVSS: 7.5EPSS: 3%CPEs: 61EXPL: 0

The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors. El mecanismo proxy implementado en Sun Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, no previene el acceso a las cookies del buscador por (1) applets y (2) aplicaciones Java Web Start no confiables, que permiten a atacantes remotos secuestrar las sesiones web a través de vectores no especificados. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20 http://java.sun.com/javase/6/webnotes/6u15.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://secunia.com/advisories • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 5%CPEs: 27EXPL: 0

Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow. Un desbordamiento de enteros en el archivo javaws.exe en Sun Java Web Start en Sun Java Runtime Environment (JRE) en JDK y JRE versión 6 anterior a Update 15, permite a los atacantes dependiendo del contexto ejecutar código arbitrario por medio de una imagen JPEG creada que no se maneja apropiadamente durante la visualización de una imagen de bienvenida, que desencadena un desbordamiento de búfer basado en la región heap de la memoria. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://secunia.com/advisories/36162 http://secunia.com/advisories/36176 http://secunia.com/advisories/36180 http://secunia.com/advisories/36248 • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 1%CPEs: 61EXPL: 0

The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties. El sistema de audio en Sun Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, no previene el acceso a las propiedades java.lang.System (1) applets and (2)aplicaciones Java Web Start no confiables, permitiendo a atacantes dependientes del contexto obtener información sensible por la lectura de esas propiedades. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20 http://java.sun.com/javase/6/webnotes/6u15.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://osvdb.org/56788 http&# • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 0%CPEs: 61EXPL: 0

The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors. El SOCKS proxy implementado en Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, permite a atacantes remotos descubrir la cuenta de usuario que invoca un (1) applet o (2)aplicación Java Web Start no confiable a través de vectores no especificados. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20 http://java.sun.com/javase/6/webnotes/6u15.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://secunia.com/advisories •

CVSS: 10.0EPSS: 3%CPEs: 61EXPL: 0

Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression. Un desbordamiento de enteros en la utilidad unpack200 en Sun Java Runtime Environment (JRE) en JDK y JRE versión 6 anterior a Update 15, y JDK y JRE versión 5.0 anterior a Update 20, permite a los atacantes dependiendo del contexto alcanzar privilegios por medio de campos de longitud no especificados en el encabezado de un archivo JAR comprimido de Pack200-, que conlleva a un desbordamiento del búfer en la región heap de la memoria durante la descompresión. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious web page or open a malicious JNLP file. The specific flaw exists within the code responsible for handling Pack200 compressed JAR files. During decompression, several fields within a Pack200 header are trusted and used to calculate sizes for heap buffer allocations. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=814 http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://secunia.com/advisories/36162 http://secunia.com/advisories/36176 http: • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •