Page 20 of 126 results (0.038 seconds)

CVSS: 9.3EPSS: 0%CPEs: 72EXPL: 0

CVE-2008-1190 – Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

https://notcve.org/view.php?id=CVE-2008-1190

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue. Una vulnerabilidad no especificada en Java Web Start en Sun JDK y JRE versión 6 Update 4 y versiones anteriores, versión 5.0 Update 14 y versiones anteriores, y SDK/JRE versión 1.4.2_16 y versiones anteriores, permite a atacantes remotos alcanzar privilegios por medio de una aplicación que no es de confianza, un problema diferente de CVE-2008-1191, también se conoce como el problema "fourth". • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29858 http://secunia.com/advisories/29897 http://secunia.com/advisories/30676 http://s • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 0%CPEs: 116EXPL: 0

CVE-2008-1192 – Java Plugin same-origin-policy bypass

https://notcve.org/view.php?id=CVE-2008-1192

Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors. Una vulnerabilidad no especificada en el Plug-in de Java para Sun JDK y JRE versión 6 Update 4 y anteriores, y versión 5.0 Update 14 y anteriores; y SDK y JRE versión 1.4.2_16 y anteriores, y versión 1.3.1_21 y anteriores; permite a atacantes remotos omitir la política del mismo origen y "execute local applications" por medio de vectores desconocidos. • http://dev2dev.bea.com/pub/advisory/277 http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29841 http://secunia.com/advisories/29858 http: • CWE-254: 7PK - Security Features •

CVSS: 9.3EPSS: 3%CPEs: 76EXPL: 0

CVE-2008-1195 – Java-API calls in untrusted Javascript allow network privilege escalation

https://notcve.org/view.php?id=CVE-2008-1195

Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs. Vulnerabilidad sin especificar en Sun JDK y Java Runtime Environment (JRE) 6 Actualización 4 y anteriores y 5.0 Update 14 y anteriores; y SDK y JRE 1.4.2_16 y anteriores; permite a atacantes remotos acceder a servicios de red de su elección en el host local a través de vectores no especificados relacionados con JavaScript y APIs de Java. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29526 http://secunia.com/advisories/29541 http://secun • CWE-254: 7PK - Security Features •

CVSS: 6.8EPSS: 12%CPEs: 72EXPL: 0

CVE-2008-1196 – Buffer overflow security vulnerabilities in Java Web Start

https://notcve.org/view.php?id=CVE-2008-1196

Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file. Desbordamiento de búfer basado en pila en Java Web Start (javaws.exe) en Sun JDK y JRE 6 Actualización 4 y anteriores y 5.0 Actualización 14 y anteriores; y SDK y JRE 1.4.2_16 y anteriores; permite a atacantes remotos ejecutar código de su elección a través de un archivo JNLP manipulado. • http://download.novell.com/Download?buildid=q5exhSqeBjA~ http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29858 http://secunia.com/advisories/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 2%CPEs: 64EXPL: 0

CVE-2007-5689 – java-jre: Applet Privilege Escalation

https://notcve.org/view.php?id=CVE-2007-5689

The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves. La Máquina Virtual de java (JVM) de Sun Java Runtime Environment (JRE) de SDK y JRE 1.3.x hasta 1.3.1_20 y 1.4.x hasta 1.4.2_15, y JDK y JRE 5.x hata 5.0 Update 12 y 6.x hata 6 Update 2, permite a atacantes remotos ejecutar programas de su elección, o leer o modificar ficheros de su elección, mediante applets que conceden privilegios a si mismos. • http://dev2dev.bea.com/pub/advisory/272 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533 http://osvdb.org/40834 http://secunia.com/advisories/27320 http://secunia.com/advisories/27693 http://secunia.com/advisories/29042 http://secunia.com/advisories/29858 http://secunia.com/advisories/30676 http://secunia.com/advisories/30780 http://security.gentoo.org/glsa/glsa-200804-28.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 •