Page 67 of 439 results (0.012 seconds)

CVSS: 7.5EPSS: 3%CPEs: 61EXPL: 0

The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors. El mecanismo proxy implementado en Sun Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, no previene el acceso a las cookies del buscador por (1) applets y (2) aplicaciones Java Web Start no confiables, que permiten a atacantes remotos secuestrar las sesiones web a través de vectores no especificados. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20 http://java.sun.com/javase/6/webnotes/6u15.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://secunia.com/advisories • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 1%CPEs: 61EXPL: 0

The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties. El sistema de audio en Sun Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, no previene el acceso a las propiedades java.lang.System (1) applets and (2)aplicaciones Java Web Start no confiables, permitiendo a atacantes dependientes del contexto obtener información sensible por la lectura de esas propiedades. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20 http://java.sun.com/javase/6/webnotes/6u15.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://osvdb.org/56788 http&# • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 0%CPEs: 61EXPL: 0

The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors. El SOCKS proxy implementado en Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, permite a atacantes remotos descubrir la cuenta de usuario que invoca un (1) applet o (2)aplicación Java Web Start no confiable a través de vectores no especificados. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20 http://java.sun.com/javase/6/webnotes/6u15.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://secunia.com/advisories •

CVSS: 10.0EPSS: 3%CPEs: 61EXPL: 0

Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression. Un desbordamiento de enteros en la utilidad unpack200 en Sun Java Runtime Environment (JRE) en JDK y JRE versión 6 anterior a Update 15, y JDK y JRE versión 5.0 anterior a Update 20, permite a los atacantes dependiendo del contexto alcanzar privilegios por medio de campos de longitud no especificados en el encabezado de un archivo JAR comprimido de Pack200-, que conlleva a un desbordamiento del búfer en la región heap de la memoria durante la descompresión. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious web page or open a malicious JNLP file. The specific flaw exists within the code responsible for handling Pack200 compressed JAR files. During decompression, several fields within a Pack200 header are trusted and used to calculate sizes for heap buffer allocations. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=814 http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://secunia.com/advisories/36162 http://secunia.com/advisories/36176 http: • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 0%CPEs: 114EXPL: 0

Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing." Sun SDK y Java Runtime Environment (JRE) desde la v1.4.2 hasta la v1.4.2_04, desde la v1.4.1 hasta la v1.4.1_07, y la v1.4.0 hasta la v1.4.0_04 permite a applets sin confianza y servlets sin privilegios conseguir privilegios y leer datos de otros applets a través de vectores sin especificar relacionados con las clases en el procesador XSLT, también conocido como "esnifado XML". • http://archive.cert.uni-stuttgart.de/uniras/2004/08/msg00007.html http://groups.google.com/group/comp.security.unix/tree/browse_frm/month/2004-10/fe63f1daa9689d50?rnum=161&_done=%2Fgroup%2Fcomp.security.unix%2Fbrowse_frm%2Fmonth%2F2004-10%3Ffwc%3D1%26#doc_29036353582c690d http://secunia.com/advisories/12206 http://securitytracker.com/id?1011661 http://www.osvdb.org/8288 http://www.securityfocus.com/archive/1/371208 http://www.securityfocus.com/bid/10844 https://exchange.xforce.ibmcloud.c • CWE-264: Permissions, Privileges, and Access Controls •