Page 39 of 398 results (0.030 seconds)

CVSS: 5.0EPSS: 1%CPEs: 173EXPL: 0

CVE-2011-0867 – OpenJDK: NetworkInterface information leak (Networking, 7013969)

https://notcve.org/view.php?id=CVE-2011-0867

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite a aplicaciones remotas Java Web Start y Java applets no confiables afectar la confidencialidad a través de vectores desconocidos relacionados con Networking. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2011-08 •

CVSS: 5.0EPSS: 1%CPEs: 50EXPL: 0

CVE-2011-0869 – OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971)

https://notcve.org/view.php?id=CVE-2011-0869

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 26 y anteriores permite a aplicaciones Java Web Start y Java applets no confiables afectar la confidencialidad a través de vectores desconocidos relacionados con SAAJ. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://marc.info/?l=bugtraq&m=132439520301822&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/44818 http://secunia.com •

CVSS: 10.0EPSS: 1%CPEs: 173EXPL: 0

CVE-2011-0864 – OpenJDK: JVM memory corruption via certain bytecode (HotSpot, 7020373)

https://notcve.org/view.php?id=CVE-2011-0864

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite aplicaciones Java Web Start y Java applets que no son de confianza afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con HotSpot. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://marc.info/?l=bugtraq&m=132439520301822&w=2 http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/44818 http://secunia.com/advisories/44930 http://secunia.com/advisories/49198 http://security.gentoo.org/glsa/glsa-201406-32.xml http://support.avaya.com/css/ •

CVSS: 2.6EPSS: 0%CPEs: 173EXPL: 0

CVE-2011-0865 – OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)

https://notcve.org/view.php?id=CVE-2011-0865

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite aplicaciones Java Web Start y Java applets que no son de confianza afectar la integridad a través de vectores desconocidos relacionados con la deserialización. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2011-08 •

CVSS: 10.0EPSS: 1%CPEs: 48EXPL: 0

CVE-2011-0863 – Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2011-0863

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, permite aplicaciones Java Web Start y Java applets que no son de confianza afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java webstart parses certain properties from the jnlp file. Due to insufficient quote escaping it is possible to supply additional command line parameters to the java process. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://marc.info/?l=bugtraq&m=132439520301822&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/44818 http://secunia.com •