CVSS: 6.4EPSS: 0%CPEs: 12EXPL: 0CVE-2006-0614
https://notcve.org/view.php?id=CVE-2006-0614
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x through 1.3.1_16 and 1.4.x through 1.4.2_08 allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "first issue." • http://docs.info.apple.com/article.html?artnum=303658 http://secunia.com/advisories/18760 http://secunia.com/advisories/18884 http://securitytracker.com/id?1015596 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102171-1 http://www.gentoo.org/security/en/glsa/glsa-200602-07.xml http://www.kb.cert.org/vuls/id/759996 http://www.vupen.com/english/advisories/2006/0467 http://www.vupen.com/english/advisories/2006/0828 http://www.vupen.com/english/advisories/ •
CVSS: 4.0EPSS: 0%CPEs: 30EXPL: 0CVE-2006-0615
https://notcve.org/view.php?id=CVE-2006-0615
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues." • http://docs.info.apple.com/article.html?artnum=303658 http://secunia.com/advisories/18760 http://secunia.com/advisories/18884 http://securitytracker.com/id?1015596 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102171-1 http://www.gentoo.org/security/en/glsa/glsa-200602-07.xml http://www.kb.cert.org/vuls/id/759996 http://www.vupen.com/english/advisories/2006/0467 http://www.vupen.com/english/advisories/2006/0828 http://www.vupen.com/english/advisories/ •
CVSS: 7.8EPSS: 27%CPEs: 4EXPL: 0CVE-2005-3583
https://notcve.org/view.php?id=CVE-2005-3583
(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss. • http://marc.info/?l=bugtraq&m=113113125121878&w=2 http://secunia.com/advisories/17478 http://securityreason.com/securityalert/143 http://www.securityfocus.com/bid/15312 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2005-1080 – jar: directory traversal vulnerability
https://notcve.org/view.php?id=CVE-2005-1080
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. • http://advisories.mageia.org/MGASA-2015-0158.html http://marc.info/?l=bugtraq&m=111331593310508&w=2 http://marc.info/?l=oss-security&m=127602564508766&w=2 http://marc.info/?l=oss-security&m=127603032617644&w=2 http://rhn.redhat.com/errata/RHSA-2015-0806.html http://rhn.redhat.com/errata/RHSA-2015-0807.html http://rhn.redhat.com/errata/RHSA-2015-0808.html http://rhn.redhat.com/errata/RHSA-2015-0809.html http://rhn.redhat.com/errata/RHSA-2015-0854.html h • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2005-0223
https://notcve.org/view.php?id=CVE-2005-0223
The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization. • http://marc.info/?l=bugtraq&m=110719624029320&w=2 •