CVSS: 10.0EPSS: 3%CPEs: 4EXPL: 0CVE-2007-2435 – javaws vulnerabilities
https://notcve.org/view.php?id=CVE-2007-2435
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files. Sun Java Web Start en JDK y JRE 5.0 hasta 10 y anteriores, y Java Web Start en SDK y JRE 1.4.2_13 y anteriores, permite a atacantes remotos realizar acciones no autorizadas a través de una aplicación que concede privilegios a si mismo, relacionado con "Uso incorrecto de sistemas de clases" y probablemente relacionado con el apoyo para ficheros JNLP. • http://dev2dev.bea.com/pub/advisory/241 http://docs.info.apple.com/article.html?artnum=307177 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://osvdb.org/35483 http://secunia.com/advisories/25069 http://secunia.com/advisories/25283 http://secunia.com/advisories/25413 http://secunia.com/advisories/25474 http://secunia.com/advisories/25832 http://secunia.com/advisories/26311 http://secunia.com/advisories/26369 http://secunia.com/advisories/28 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 38%CPEs: 37EXPL: 1CVE-2007-0243 – Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2007-0243
Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption. Desbordamiento de búfer en el Sun JDK y el Java Runtime Environment (JRE) 5.0 Actualizada a la 9 y anteriores, SDK y JRE 1.4.2_12 y anteriores y SDK y JRE 1.3.1_18 y anteriores permite a los applets obtener privilegios mediante una imagen GIF con un bloque con un campo de longitud 0, el cual dispara una corrupción de memoria. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java Virtual Machine (JVM). User interaction is required to exploit this vulnerability in that the target must visit a malicious website. The specific flaw exists during the parsing of GIF image components. When the image width in an image block of a valid GIF file is set to 0, the Java runtime will allocate the specified size but subsequently copy all data to the under allocated memory chunk. • https://www.exploit-db.com/exploits/3168 http://dev2dev.bea.com/pub/advisory/242 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://osvdb.org/32834 http://secunia.com/advisories/23757 http://secunia.com/advisories/24189 http://secunia.com/advisories/24202 http://secunia.com/advisories/24468 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 7%CPEs: 80EXPL: 0CVE-2006-6731
https://notcve.org/view.php?id=CVE-2006-6731
Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de búfer en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 7 y anteriores, Java System Development Kit (SDK) y JRE 1.4.2_12 y anteriores a 1.4.x, y SDK y JRE 1.3.1_18 y anteriores permiten a atacantes remotos desarrollar applets de Java que lean, escriban o ejecuten ficheros locales, posiblemente relacionado con (1) desbordamientos de enteros en las funciones Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, y awt_parseColorModel; (2) un desbordamiento de búfer basado en pila en la función Java_sun_awt_image_ImagingLib_lookupByteRaster; y (3) manejo inadecuado de ciertos valores negativos en la función Java_sun_font_SunLayoutEngine_nativeLayout. NOTA: algunos de estos detalles se han obtenido de información de terceros. • http://dev2dev.bea.com/pub/advisory/243 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html http://scary.beasts.org/security/CESA-2005-008.txt http://secunia.com/advisories/23445 http://secunia.com/advisories/23650 http://secunia.com/advisor •
CVSS: 4.3EPSS: 0%CPEs: 78EXPL: 0CVE-2006-6736
https://notcve.org/view.php?id=CVE-2006-6736
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue." Vulnerabilidad no especificada en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 6 y anteriores, Java System Development Kit (SDK) y JRE 1.4.2_12 y anteriores versiones 1.4.x, y SDKy JRE 1.3.1_18 y anteriores permite a atacantes remotos utilizar applets no confiables para "acceder a datos de otros applets", también mencionado como el "segundo problema". • http://docs.info.apple.com/article.html?artnum=307177 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html http://secunia.com/advisories/23398 http://secunia.com/advisories/23650 http://secunia.com/advisories/23835 http://secunia.com/advisories/24099 http://secunia.com/advisories/24189 http://secunia.com/advisories/25404 http://secunia.com/advisories/26049 http://secunia.com/advisories/ •
CVSS: 4.3EPSS: 0%CPEs: 72EXPL: 0CVE-2006-6737
https://notcve.org/view.php?id=CVE-2006-6737
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue." Vulnerabilidad no especificada en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 5 y anteriores, Java System Development Kit (SDK) y JRE 1.4.2_10 y versiones 1.4.x anteriores, y SDK y JRE 1.3.1_18 y anteriores permite a atacantes remotos utilizar applets que no son de confianza para "acceder a información de otros applets", también conocido como "El primer asunto". • http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html http://secunia.com/advisories/23398 http://secunia.com/advisories/23650 http://secunia.com/advisories/23835 http://secunia.com/advisories/24099 http://secunia.com/advisories/24189 http://secunia.com/advisories/25404 http://secunia.com/advisories/26049 http://secunia.com/advisories/26119 http://security.gentoo.org/glsa/glsa-200701-15.xml http://security.gentoo.org/glsa/glsa-200702-08.xml http://sec •