Page 5 of 29 results (0.008 seconds)

CVSS: 5.0EPSS: 1%CPEs: 10EXPL: 0

The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities. Java Plug-in J2SE 1.3.0_02 hasta 5.0 Update 5, y Java Web Start 1.0 hasta 1.2 y J2SE 1.4.2 hasta 5.0 Update 5, permite a atacantes remotos explotar vulnerabilidades especificando una versión JRE que contiene vulnerabilidades. • http://secunia.com/advisories/21570 http://securitytracker.com/id?1016732 http://securitytracker.com/id?1016733 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.osvdb.org/28109 http://www.securityfocus.com/archive/1/382413 http://www.securityfocus.com/bid/11757 http://www.securityfocus.com/bid/8879 http://www.vupen.com/english/advisories/2006/3354 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple programs from opening the same port as a Java ServerSocket, which allows local users to operate a Java program that intercepts network data intended for the ServerSocket of a different Java program. • http://docs.info.apple.com/article.html?artnum=302265 http://lists.apple.com/archives/security-announce/2005/Sep/msg00001.html http://secunia.com/advisories/16808 http://www.ciac.org/ciac/bulletins/p-306.shtml http://www.osvdb.org/19397 http://www.securityfocus.com/bid/14827 http://www.vupen.com/english/advisories/2005/1734 https://exchange.xforce.ibmcloud.com/vulnerabilities/22269 •

CVSS: 1.2EPSS: 0%CPEs: 1EXPL: 0

Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. • http://docs.info.apple.com/article.html?artnum=302266 http://lists.apple.com/archives/security-announce/2005/Sep/msg00001.html http://secunia.com/advisories/16808 http://www.ciac.org/ciac/bulletins/p-306.shtml http://www.securityfocus.com/bid/14825 http://www.vupen.com/english/advisories/2005/1734 https://exchange.xforce.ibmcloud.com/vulnerabilities/22262 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. • http://www.securityfocus.com/archive/1/391803 • CWE-16: Configuration •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives." • http://docs.info.apple.com/article.html?artnum=302266 http://lists.apple.com/archives/Security-announce/2005/Sep/msg00000.html http://secunia.com/advisories/16808 http://www.ciac.org/ciac/bulletins/p-306.shtml http://www.vupen.com/english/advisories/2005/1734 https://exchange.xforce.ibmcloud.com/vulnerabilities/22264 •