CVSS: 9.8EPSS: 3%CPEs: 81EXPL: 0CVE-2010-0845 – OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)
https://notcve.org/view.php?id=CVE-2010-0845
01 Apr 2010 — Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente HotSpot Server en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 10%CPEs: 238EXPL: 0CVE-2010-0846 – Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0846
01 Apr 2010 — Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an "invalid assignment" and in... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 8.8EPSS: 5%CPEs: 240EXPL: 0CVE-2010-0847 – OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)
https://notcve.org/view.php?id=CVE-2010-0847
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image. Vulnerabilidad no especificada en el co... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 3%CPEs: 238EXPL: 0CVE-2010-0848 – OpenJDK AWT Library Invalid Index Vulnerability (6914823)
https://notcve.org/view.php?id=CVE-2010-0848
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java 2D en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 6%CPEs: 240EXPL: 0CVE-2010-0849 – Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0849
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 1%CPEs: 105EXPL: 0CVE-2010-0850
https://notcve.org/view.php?id=CVE-2010-0850
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java 2D en Oracle Java SE y Java for Business 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 7.5EPSS: 0%CPEs: 38EXPL: 0CVE-2009-3879 – OpenJDK GraphicsConfiguration information leak(6822057)
https://notcve.org/view.php?id=CVE-2009-3879
09 Nov 2009 — Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057. Múltiples vulnerabilidades no específicas en los subsistemas (1) X11 y (2) Win32GraphicsDevice en Sun Java SE v5.0 anteriores a Update 22 y 6 anteriores a Update 17, y OpenJDK, tienen impacto y vector... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html •
CVSS: 9.8EPSS: 1%CPEs: 38EXPL: 0CVE-2009-3881 – OpenJDK resurrected classloaders can still have children (6636650)
https://notcve.org/view.php?id=CVE-2009-3881
09 Nov 2009 — Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id 6636650. Sun Java SE v5.0 anterior a Update 22 y 6 anterior a Update 17, y OpenJDK, no previene la existencia de procesos hijo en un ClassLoader resucitada, lo que permite a atacantes remotos obtener privilegios a través de vectores no ... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 38EXPL: 0CVE-2009-3884 – OpenJDK zoneinfo file existence information leak (6824265)
https://notcve.org/view.php?id=CVE-2009-3884
09 Nov 2009 — The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265. El método TimeZone.getTimeZone en Sun Java SE 5.0 antes de Update22, Sun Java SE 6.0 antes de la actualización 17, y OpenJDK, permite a atacantes remotos determinar la existencia de archivos locales a través de vectores relacionados con el manejo de ficheros zo... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html •
CVSS: 7.5EPSS: 1%CPEs: 39EXPL: 0CVE-2009-3885
https://notcve.org/view.php?id=CVE-2009-3885
09 Nov 2009 — Sun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows allows remote attackers to cause a denial of service via a BMP file containing a link to a UNC share pathname for an International Color Consortium (ICC) profile file, probably a related issue to CVE-2007-2789, aka Bug Id 6632445. Sun Java SE v5.0 anteriores a Update 22 y 6 anteriores a Update 17 en Windows permite a atacantes remotos provocar una denegación de servicio a través de un fichero .BMP que contenga un enlace a un path compartido ... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html •