Page 46 of 439 results (0.017 seconds)

CVSS: 10.0EPSS: 54%CPEs: 173EXPL: 0

CVE-2011-0802 – Oracle Java Soundbank Decompression Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2011-0802

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores, permite a aplicaciones Java Web Start y Java applets no confiables afectar la confidencilidad, integridad y disponiblidad a través de vectores desconocidos, relacionado con Sound, una vulnerabilidad diferente de CVE-2011-0814. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java parses soundbank files. When a soundbank file contains compressed data it is first decompressed and then Java will parse the decompressed data. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2011-08 •

CVSS: 10.0EPSS: 3%CPEs: 173EXPL: 0

CVE-2011-0814 – JDK: unspecified vulnerabilities fixed in 6u26 (Sound)

https://notcve.org/view.php?id=CVE-2011-0814

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores, permite a aplicaciones Java Web Start y Java applets no confiables afectar la confidencilidad, integridad y disponiblidad a través de vectores desconocidos, relacionado con Sound, una vulnerabilidad diferente de CVE-2011-0802. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2011-08 •

CVSS: 5.0EPSS: 1%CPEs: 173EXPL: 0

CVE-2011-0867 – OpenJDK: NetworkInterface information leak (Networking, 7013969)

https://notcve.org/view.php?id=CVE-2011-0867

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite a aplicaciones remotas Java Web Start y Java applets no confiables afectar la confidencialidad a través de vectores desconocidos relacionados con Networking. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2011-08 •

CVSS: 10.0EPSS: 1%CPEs: 173EXPL: 0

CVE-2011-0864 – OpenJDK: JVM memory corruption via certain bytecode (HotSpot, 7020373)

https://notcve.org/view.php?id=CVE-2011-0864

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite aplicaciones Java Web Start y Java applets que no son de confianza afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con HotSpot. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://marc.info/?l=bugtraq&m=132439520301822&w=2 http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/44818 http://secunia.com/advisories/44930 http://secunia.com/advisories/49198 http://security.gentoo.org/glsa/glsa-201406-32.xml http://support.avaya.com/css/ •

CVSS: 5.0EPSS: 0%CPEs: 48EXPL: 0

CVE-2011-0868 – OpenJDK: incorrect numeric type conversion in TransformHelper (2D, 7016495)

https://notcve.org/view.php?id=CVE-2011-0868

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con el 2D. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://marc.info/?l=bugtraq&m=132439520301822&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/44818 http://secunia.com •