CVSS: 9.8EPSS: 1%CPEs: 105EXPL: 0CVE-2010-0850
https://notcve.org/view.php?id=CVE-2010-0850
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java 2D en Oracle Java SE y Java for Business 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 6%CPEs: 133EXPL: 0CVE-2010-0095 – Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability
https://notcve.org/view.php?id=CVE-2010-0095
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar a la confidencialidad, integrida... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 3%CPEs: 238EXPL: 0CVE-2010-0088 – OpenJDK Inflater/Deflater clone issues (6745393)
https://notcve.org/view.php?id=CVE-2010-0088
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidenc... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 95%CPEs: 238EXPL: 1CVE-2010-0842 – Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0842
01 Apr 2010 — Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer... • https://www.exploit-db.com/exploits/18485 •
CVSS: 9.8EPSS: 3%CPEs: 238EXPL: 0CVE-2010-0848 – OpenJDK AWT Library Invalid Index Vulnerability (6914823)
https://notcve.org/view.php?id=CVE-2010-0848
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java 2D en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 15%CPEs: 133EXPL: 0CVE-2010-0841 – Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0841
01 Apr 2010 — Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contain... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 37EXPL: 0CVE-2009-3729 – JRE TrueType font parsing crash (6815780)
https://notcve.org/view.php?id=CVE-2009-3729
09 Nov 2009 — Unspecified vulnerability in the TrueType font parsing functionality in Sun Java SE 5.0 before Update 22 and 6 before Update 17 allows remote attackers to cause a denial of service (application crash) via a certain test suite, aka Bug Id 6815780. Vulnerabilidad no especificada en la funcionalidad de análisis sintáctico de fuentes TrueType en Sun Java SE v5.0 anteriores a Update 22 y 6 anteriores a Update 17 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de ... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html •
CVSS: 7.5EPSS: 1%CPEs: 39EXPL: 0CVE-2009-3885
https://notcve.org/view.php?id=CVE-2009-3885
09 Nov 2009 — Sun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows allows remote attackers to cause a denial of service via a BMP file containing a link to a UNC share pathname for an International Color Consortium (ICC) profile file, probably a related issue to CVE-2007-2789, aka Bug Id 6632445. Sun Java SE v5.0 anteriores a Update 22 y 6 anteriores a Update 17 en Windows permite a atacantes remotos provocar una denegación de servicio a través de un fichero .BMP que contenga un enlace a un path compartido ... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html •
CVSS: 9.8EPSS: 1%CPEs: 38EXPL: 0CVE-2009-3881 – OpenJDK resurrected classloaders can still have children (6636650)
https://notcve.org/view.php?id=CVE-2009-3881
09 Nov 2009 — Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id 6636650. Sun Java SE v5.0 anterior a Update 22 y 6 anterior a Update 17, y OpenJDK, no previene la existencia de procesos hijo en un ClassLoader resucitada, lo que permite a atacantes remotos obtener privilegios a través de vectores no ... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 38EXPL: 0CVE-2009-3880 – OpenJDK UI logging information leakage(6664512)
https://notcve.org/view.php?id=CVE-2009-3880
09 Nov 2009 — The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512. El Abstract Window Toolkit (AWT) en Java Runtime Environment (JRE) en Sun Java SE v5.0 anteriores a Update 22 y 6 ant... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html • CWE-264: Permissions, Privileges, and Access Controls •