CVSS: 9.8EPSS: 7%CPEs: 30EXPL: 0CVE-2006-0615
https://notcve.org/view.php?id=CVE-2006-0615
09 Feb 2006 — Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues." • http://docs.info.apple.com/article.html?artnum=303658 •
CVSS: 6.2EPSS: 4%CPEs: 2EXPL: 1CVE-2005-1080 – jar: directory traversal vulnerability
https://notcve.org/view.php?id=CVE-2005-1080
12 Apr 2005 — Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. An off-by-one flaw, leading to a buffer overflow, was fo... • http://advisories.mageia.org/MGASA-2015-0158.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2005-0223
https://notcve.org/view.php?id=CVE-2005-0223
06 Feb 2005 — The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization. • http://marc.info/?l=bugtraq&m=110719624029320&w=2 •
CVSS: 7.5EPSS: 4%CPEs: 4EXPL: 0CVE-2004-0651
https://notcve.org/view.php?id=CVE-2004-0651
13 Jul 2004 — Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). Vulnerabilidad desconocida en Sun Java Runtime Environment (JRE) 1.4.2 a 1.4.2_03 permite a atacantes remotos causar una denegación de servicio (cuelgue de la máquina virtual). • http://marc.info/?l=bugtraq&m=108559041910233&w=2 •
CVSS: 9.8EPSS: 1%CPEs: 17EXPL: 0CVE-2002-0076
https://notcve.org/view.php?id=CVE-2002-0076
19 Mar 2002 — Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. El verificador de bytecode del "Java Runtime Enviroment" (entorno de eje... • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218 •
CVSS: 8.1EPSS: 2%CPEs: 11EXPL: 0CVE-2002-0058
https://notcve.org/view.php?id=CVE-2002-0058
07 Mar 2002 — Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK. Esta vulnerabilidad en el "Java Runtime Enviroment" (entorno de e... • http://marc.info/?l=bugtraq&m=101534535304228&w=2 •
CVSS: 9.1EPSS: 0%CPEs: 24EXPL: 1CVE-2001-1480
https://notcve.org/view.php?id=CVE-2001-1480
31 Dec 2001 — Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard. • http://cert.uni-stuttgart.de/archive/bugtraq/2001/10/msg00120.html •