Page 50 of 415 results (0.011 seconds)

CVSS: 5.0EPSS: 0%CPEs: 101EXPL: 0

CVE-2010-4471 – OpenJDK Java2D font-related system property leak (6985453)

https://notcve.org/view.php?id=CVE-2010-4471

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text. Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones anteriores, 5.0 Update 27 y versiones anteriores permite a aplicaciones remotas Java Web Start no confiables y subprogramas Java no confiables afectar a la confidencialidad a través de vectores desconocidos relacionados con 2D. NOTA: la información previa fue obtenida de febrero 2011 CPU. • http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/43350 http://secunia.com/advisories/44954 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.debian.org/security/2011/dsa-2224 http://www.hitachi.co.jp/Prod/comp/soft1/gl •

CVSS: 2.6EPSS: 2%CPEs: 45EXPL: 0

CVE-2010-4472 – OpenJDK untrusted code allowed to replace DSIG/C14N implementation (6994263)

https://notcve.org/view.php?id=CVE-2010-4472

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations." Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones anteriores permite a atacantes remotos afectar la disponibilidad, relacionado con XML Digital Signature y APIs no especificadas. NOTA: la información previa fue obtenida de febrero 2011 CPU. • http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/43350 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.debian.org/security/2011/dsa-2224 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index& •

CVSS: 10.0EPSS: 2%CPEs: 161EXPL: 0

CVE-2010-4473 – JDK unspecified vulnerability in Sound component

https://notcve.org/view.php?id=CVE-2010-4473

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4462. Vulnerabilidad no especificada en el Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones anteriores, 5.0 Update 27 y versiones anteriores y 1.4.2_29 y versiones anteriores permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Sound y APIs no especificadas, una vulnerabilidad diferente a CVE-2010-4454 y CVE-2010-4462. • http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/44954 http://secunia.com/advisories/49198 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html http://www •

CVSS: 4.3EPSS: 0%CPEs: 161EXPL: 0

CVE-2010-4475 – JDK unspecified vulnerability in Deployment component

https://notcve.org/view.php?id=CVE-2010-4475

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than CVE-2010-4447. Vulnerabilidad no especificada en el Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones anteriores, 5.0 Update 27 y versiones anteriores y 1.4.2_29 y versiones anteriores permite a aplicaciones Java Web Start remotas no confiables y applets de Java no confiables afectar la confidencialidad a través de vectores desconocidos relacionados con Deployment, una vulnerabilidad diferente a CVE-2010-4447. • http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/44954 http://secunia.com/advisories/49198 http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html http://www.redhat.com/support/erra •

CVSS: 10.0EPSS: 96%CPEs: 45EXPL: 1

CVE-2010-4452 – Oracle Java Unsigned Applet Applet2ClassLoader Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-4452

Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Deployment en Java Runtime Environment (JRE) en Oracle Jave SE y Java for Business v6 Update v23 y anteriores permite a aplicaciones remotas Java Web Start no confiables y applets Java no confiables vulnerar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the findClass method of the sun.plugin2.applet.Applet2ClassLoader class. Due to a failure to properly validate URLs supplied by an implicitly trusted applet, it is possible to execute arbitrary code on Windows 32-bit and 64-bit, as well as Linux 32-bit platforms under the context of the SYSTEM user. • https://www.exploit-db.com/exploits/16990 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/44954 http://securityreason.com/securityalert/8145 http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html http://www.redhat.com/support/errata/RHSA-2011-0282.html http://www.redhat.com/support/errata/RHSA-2011-0880.ht •