Page 6 of 130 results (0.011 seconds)

CVSS: 10.0EPSS: 2%CPEs: 257EXPL: 0

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects." Vulnerabilidad no especificada en el componente CORBA en Oracle Java SE y Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27 y 1.3.1_28 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. NOTA: la información previa fue obtenida de la CPU Octubre 2010. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/41972 http: •

CVSS: 10.0EPSS: 2%CPEs: 257EXPL: 0

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Sound de Oracle Jave SE y Java para Business v6 Update 21, v5.0 Update 25, v1.4.2_27, y v.1.3.1_28 permite a atacantes remotos comprometer la confidencialidad, integridad, y disponibilidad a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/41967 http://secunia.com/advisories/42974 http://secunia.com/advisories/44954 http://support.avaya.com/css/P8/documents/100114315 http://support.avaya.com/css/P8&# •

CVSS: 10.0EPSS: 13%CPEs: 257EXPL: 0

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile. Vulnerabilidad no especificada en el componente 2D en Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 25, v1.4.2_27 y v1.3.1_28 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle's Java Runtime Environment. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/42377 http://secunia.com/advisories/42974 http://secunia.com/advisories/43005 http://secunia.com/advisories/44954 http://support.avaya.com/css/P8/documents/100114315&# •

CVSS: 10.0EPSS: 29%CPEs: 257EXPL: 0

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows attackers to execute arbitrary code via a crafted BANK record that leads to a buffer overflow. Vulnerabilidad sin especificar en el componente Sound en Oracle Java SE y Java for Business 6 Update 21, v5.0 Update 25, v1.4.2_27 y v 1.3.1_28 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/41967 http://secunia.com/advisories/42974 http://support.avaya.com/css/P8/documents/100114315 http://support.avaya.com/css/P8/documents/100123193 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.oracle. •

CVSS: 10.0EPSS: 2%CPEs: 149EXPL: 0

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API. Vulnerabilidad no especificada en el componente 2D en Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 25 y v1.4.2_27 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image dimensions. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/? •