Page 54 of 415 results (0.019 seconds)

CVSS: 5.0EPSS: 0%CPEs: 149EXPL: 0

Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or "otherwise-protected internal network names." Vulnerabilidad no especificada en el componente JNDI en Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 25, v1.4.2_27 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/? •

CVSS: 7.5EPSS: 2%CPEs: 93EXPL: 0

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions. Vulnerabilidad no especificada en el componente CORBA en Oracle Java SE y Java for Business 6 Update 21 y 5.0 Update 25 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. NOTA: la información previa fue obtenida de la CPU Octubre 2010. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/41972 http: •

CVSS: 10.0EPSS: 2%CPEs: 257EXPL: 0

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente 2D para Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 24, v1.4.2_27 y v1.3.1_28 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/41967 http://secunia.com/advisories/42974 http://secunia.com/advisories/44954 http://support.avaya.com/css/P8/documents/100114315 http://support.avaya.com/css/P8&# •

CVSS: 6.8EPSS: 2%CPEs: 257EXPL: 0

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static." Vulnerabilidad no especificada en el componente Swing de Oracle Java SE y Java for Business v6 Update 21 , v5.0 Update 25, 1.4.2_27 y 1.3.1_28 permite a atacantes remotos atacar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/? •

CVSS: 10.0EPSS: 2%CPEs: 149EXPL: 0

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization. Vulnerabilidad no especificada en el componente Java Runtime Environment de Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 25, y v1.4.2_27 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad mediante vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/? •