CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2008-3440
https://notcve.org/view.php?id=CVE-2008-3440
01 Aug 2008 — Sun Java 1.6.0_03 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. Sun Java versión 1.6.0_03 y anteriores, y posiblemente versiones posteriores, no comprueba apropiadamente la autenticidad de las actualizaciones, lo que permite a los atacantes de tipo man-in-the-middle ejecutar código arbitrario por medio d... • http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2529
https://notcve.org/view.php?id=CVE-2005-2529
31 Dec 2005 — Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives." • http://docs.info.apple.com/article.html?artnum=302266 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2738
https://notcve.org/view.php?id=CVE-2005-2738
31 Dec 2005 — Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple programs from opening the same port as a Java ServerSocket, which allows local users to operate a Java program that intercepts network data intended for the ServerSocket of a different Java program. • http://docs.info.apple.com/article.html?artnum=302265 •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2527
https://notcve.org/view.php?id=CVE-2005-2527
31 Dec 2005 — Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. • http://docs.info.apple.com/article.html?artnum=302266 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2005-2530
https://notcve.org/view.php?id=CVE-2005-2530
31 Dec 2005 — Unspecified vulnerability in Java 1.3.1 before 1.3.1_16 on Apple Mac OS X allows an untrusted applet to gain privileges, related to "Mac OS X specific extensions." • http://docs.info.apple.com/article.html?artnum=302265 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 3CVE-2003-1134 – Sun Microsystems Java Virtual Machine 1.x - Security Manager Denial of Service
https://notcve.org/view.php?id=CVE-2003-1134
31 Dec 2003 — Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. • https://www.exploit-db.com/exploits/23292 •
CVSS: 10.0EPSS: 5%CPEs: 18EXPL: 2CVE-2002-2281 – Symantec Java! JustInTime Compiler 210.65 - Command Execution
https://notcve.org/view.php?id=CVE-2002-2281
31 Dec 2002 — Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator 4.0 through 4.8 allows remote attackers to execute arbitrary Java commands via an applet that uses a jump call, which is not correctly compiled by the JIT compiler. • https://www.exploit-db.com/exploits/22028 •