CVSS: 7.5EPSS: 1%CPEs: 30EXPL: 0CVE-2011-0311 – IBM JDK Class file parsing denial-of-service
https://notcve.org/view.php?id=CVE-2011-0311
02 Sep 2011 — The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read. El analizador de archivos de clases en IBM Java antes de v1.4.2 SR13 FP9, tal como se utiliza en IBM Runtimes para Java Technology v5.0.0 an... • http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2008-3440
https://notcve.org/view.php?id=CVE-2008-3440
01 Aug 2008 — Sun Java 1.6.0_03 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. Sun Java versión 1.6.0_03 y anteriores, y posiblemente versiones posteriores, no comprueba apropiadamente la autenticidad de las actualizaciones, lo que permite a los atacantes de tipo man-in-the-middle ejecutar código arbitrario por medio d... • http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2527
https://notcve.org/view.php?id=CVE-2005-2527
31 Dec 2005 — Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. • http://docs.info.apple.com/article.html?artnum=302266 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •