CVSS: 9.3EPSS: 7%CPEs: 80EXPL: 0CVE-2006-6731
https://notcve.org/view.php?id=CVE-2006-6731
Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de búfer en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 7 y anteriores, Java System Development Kit (SDK) y JRE 1.4.2_12 y anteriores a 1.4.x, y SDK y JRE 1.3.1_18 y anteriores permiten a atacantes remotos desarrollar applets de Java que lean, escriban o ejecuten ficheros locales, posiblemente relacionado con (1) desbordamientos de enteros en las funciones Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, y awt_parseColorModel; (2) un desbordamiento de búfer basado en pila en la función Java_sun_awt_image_ImagingLib_lookupByteRaster; y (3) manejo inadecuado de ciertos valores negativos en la función Java_sun_font_SunLayoutEngine_nativeLayout. NOTA: algunos de estos detalles se han obtenido de información de terceros. • http://dev2dev.bea.com/pub/advisory/243 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html http://scary.beasts.org/security/CESA-2005-008.txt http://secunia.com/advisories/23445 http://secunia.com/advisories/23650 http://secunia.com/advisor •
CVSS: 4.0EPSS: 1%CPEs: 95EXPL: 0CVE-2006-5201
https://notcve.org/view.php?id=CVE-2006-5201
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1. Múltiples paquetes sobre Sun Solaris, incluyendo (1) NSS; (2) Java JDK and JRE 5.0 Update 8 y anteriores, SDK y JRE 1.4.x hasta 1.4.2_12, y SDK y JRE 1.3.x hasta 1.3.1_19; (3) JSSE 1.0.3_03 y anteriores; (4) IPSec/IKE; (5) Secure Global Desktop; y (6) StarOffice, cuando se usa una llave RSA con un exponente 3, elimina el relleno PKCS-1 antes de generar un hash, lo cual permite a un atacante remoto falsificar una firma PKCS #1 v1.5 que esta firmada por una llave RSA y evita que estos productos verifiquen correctamente X.509 y otros certificados que utilicen PKCS #1. • http://secunia.com/advisories/22204 http://secunia.com/advisories/22226 http://secunia.com/advisories/22325 http://secunia.com/advisories/22992 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm http://www.kb.cert.org/vuls/id/845620 http://www.vupen.com/english/advisories/2006/3898 http://www.vupen.com/english/advisories/2006&# •
CVSS: 6.4EPSS: 0%CPEs: 12EXPL: 0CVE-2006-0614
https://notcve.org/view.php?id=CVE-2006-0614
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x through 1.3.1_16 and 1.4.x through 1.4.2_08 allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "first issue." • http://docs.info.apple.com/article.html?artnum=303658 http://secunia.com/advisories/18760 http://secunia.com/advisories/18884 http://securitytracker.com/id?1015596 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102171-1 http://www.gentoo.org/security/en/glsa/glsa-200602-07.xml http://www.kb.cert.org/vuls/id/759996 http://www.vupen.com/english/advisories/2006/0467 http://www.vupen.com/english/advisories/2006/0828 http://www.vupen.com/english/advisories/ •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2005-0223
https://notcve.org/view.php?id=CVE-2005-0223
The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization. • http://marc.info/?l=bugtraq&m=110719624029320&w=2 •
CVSS: 9.3EPSS: 19%CPEs: 157EXPL: 1CVE-2004-1029 – Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass
https://notcve.org/view.php?id=CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. • https://www.exploit-db.com/exploits/24763 http://jouko.iki.fi/adv/javaplugin.html http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html http://secunia.com/advisories/13271 http://secunia.com/advisories/29035 http://securityreason.com/securityalert/61 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1 http://sunsolve.sun.co • CWE-264: Permissions, Privileges, and Access Controls •