Page 25 of 122 results (0.017 seconds)

CVSS: 9.3EPSS: 19%CPEs: 157EXPL: 1

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. • https://www.exploit-db.com/exploits/24763 http://jouko.iki.fi/adv/javaplugin.html http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html http://secunia.com/advisories/13271 http://secunia.com/advisories/29035 http://securityreason.com/securityalert/61 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1 http://sunsolve.sun.co • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0

Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). Vulnerabilidad desconocida en Sun Java Runtime Environment (JRE) 1.4.2 a 1.4.2_03 permite a atacantes remotos causar una denegación de servicio (cuelgue de la máquina virtual). • http://marc.info/?l=bugtraq&m=108559041910233&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57555 http://www.kb.cert.org/vuls/id/118558 http://www.securityfocus.com/advisories/6773 http://www.securityfocus.com/bid/10301 https://exchange.xforce.ibmcloud.com/vulnerabilities/16085 •