CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-1876 – OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)
https://notcve.org/view.php?id=CVE-2014-1876
10 Feb 2014 — The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log. La función unpacker::redirect_stdio en unpack.cpp en unpack200 en OpenJDK 6, 7 y 8; Oracle Java SE 5.0u61, 6u71, 7u51 y 8; JRockit R27.8.1 y R28.3.1; y Java... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737562 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •
CVSS: 8.1EPSS: 54%CPEs: 56EXPL: 0CVE-2013-2461 – OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)
https://notcve.org/view.php?id=CVE-2013-2461
18 Jun 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that thi... • http://advisories.mageia.org/MGASA-2013-0185.html •
CVSS: 5.9EPSS: 0%CPEs: 72EXPL: 0CVE-2013-0169 – SSL/TLS: CBC padding timing attack (lucky-13)
https://notcve.org/view.php?id=CVE-2013-0169
08 Feb 2013 — The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. El protocolo TLS v1.1 y v1.2 y el protocolo DTLS v1.0 y v1.2, tal como se... • http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 90%CPEs: 12EXPL: 1CVE-2013-0431 – Oracle JRE Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2013-0431
31 Jan 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490. Una Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Java SE versión 7 hasta Update 11 y OpenJDK versión 7 de Oracle, permite a los atacantes remotos asistidos por el usuario ... • https://www.exploit-db.com/exploits/24539 • CWE-693: Protection Mechanism Failure •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 1CVE-2012-2739
https://notcve.org/view.php?id=CVE-2012-2739
28 Nov 2012 — Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. Oracle Java SE anteriores a 7 Update 6, y OpenJDK 7 anteriores a 7u6 build 12 y 8 anteriores a build 39, calculan los valores de hash sin restringir la posibilidad de provocar... • http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2012-5373
https://notcve.org/view.php?id=CVE-2012-5373
28 Nov 2012 — Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against the MurmurHash3 algorithm, a different vulnerability than CVE-2012-2739. Oracle Java SE 7 y anteriores, y OpenJDK 7 y anteriores, calcula l... • http://2012.appsec-forum.ch/conferences/#c17 • CWE-310: Cryptographic Issues •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2009-1896
https://notcve.org/view.php?id=CVE-2009-1896
10 Aug 2009 — The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without the untrusted-code restrictions via a crafted application, related to NetX. La Java Web Start framework en IcedTea de OpenJDK en versiones anteriores a v1.6.0.0-20.b16.fc10 de Fedora 10, y anteriores a 1.6.0.0-27.b16.... • http://secunia.com/advisories/36162 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0CVE-2009-0794
https://notcve.org/view.php?id=CVE-2009-0794
13 Apr 2009 — Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line. Desbordamiento de entero en la clase PulseAudioTargetDataL de src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java de Pulse-Java, cuando es utilizado en OpenJDK v1.6.0.0 y otros productos, per... • http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2009-February/004729.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 7%CPEs: 2EXPL: 0CVE-2009-0793 – lcms: Null pointer dereference (DoS) by handling transformations of monochrome profiles
https://notcve.org/view.php?id=CVE-2009-0793
09 Apr 2009 — cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles." cmsxform.c en LittleCMS (también conocido como lcms o liblcms) v1.18, con el utilizado en OpenJDK y otros productos, permite a atacantes remotos provocar una denegación de servicio (desreferenciación de puntero ... • http://secunia.com/advisories/34623 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 2CVE-2009-0723 – LittleCms integer overflow
https://notcve.org/view.php?id=CVE-2009-0723
23 Mar 2009 — Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de enteros en LittleCMS (también conocido como lcms o liblcms) anteriores a v1.18beta2, como el utilizado en Firefox v3.1beta, OpenJDK, y GIMP, permiten a atac... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html • CWE-190: Integer Overflow or Wraparound •