Page 72 of 381 results (0.014 seconds)

CVSS: 10.0EPSS: 2%CPEs: 66EXPL: 0

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077. Vulnerabilidad no especificada en Sun Java Web Start de JDK y JRE 5.0 versiones anteriores a Update 16 y SDK y JRE 1.4.x versiones anteriores a 1.4.2_18 permite a atacantes remotos crear o borrar ficheros de su elección a través de aplicaciones no confiables, también conocido como CR 6704077. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 h • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 8.3EPSS: 5%CPEs: 12EXPL: 0

Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving "processing of XML data" by a trusted application. Vulnerabilidad no especificada en el cliente y servicio JAX-WS de Sun Java Runtime Environment (JRE), de JDK y JRE 6 Update 6 y anteriores permite a atacantes remotos acceder a URLs o provocar una denegación de servicio mediante vectores desconocidos que involucra "procesado de datos XML" por una aplicación de confianza. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 http://secunia.com/advisories/31010 http://secunia.com/advisories/31600 http://secunia.com/advisories/32018 http://secunia.com/advisories/32179 http://secunia.com/advisories/32180 http://secunia.com/advisories/32436 http://secunia.com/advisories/33237 http://secunia.com/advisories& • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 0

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue." Una vulnerabilidad no especificada en Java Web Start en Sun JDK y JRE versión 6 Update 4 y anteriores, permite a atacantes remotos crear archivos arbitrarios por medio de una aplicación no confiable, un problema diferente de CVE-2008-1190, también se conoce como "The fifth issue". • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29582 http://secunia.com/advisories/29858 http://secunia.com/advisories/30676 http://secunia.com/advisories/30780 http://secunia.com/advisories/32018 http://security.gentoo.org/glsa/glsa-200804-28.xml http://sunsolve.sun.com/sear •

CVSS: 6.8EPSS: 10%CPEs: 70EXPL: 0

Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms. Una vulnerabilidad no especificada en Sun Java Runtime Environment (JRE) y JDK versión 6 Update 4 y anteriores, versión 5.0 Update 14 y anteriores, y SDK/JRE versión 1.4.2_16 y anteriores, permite a atacantes remotos causar una denegación de servicio (bloqueo de JRE) y posiblemente ejecutar código arbitrario por medio de vectores desconocidos relacionados con las transformaciones XSLT. • http://dev2dev.bea.com/pub/advisory/277 http://download.novell.com/Download?buildid=q5exhSqeBjA~ http://jvn.jp/en/jp/JVN04032535/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/ • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs. Múltiples vulnerabilidades no especificadas en el Java Runtime Environment en Sun JDK y JRE 6 Update 1 y versiones anteriores y 5.0 Update 13 y versiones anteriores, permite a atacantes según contexto conseguir privilegios a través de (1) aplicación o (2) applet no confiables, como se demostró por una aplicación o applet que garantiza de por sí privilegios de (a) lectura en archivos locales (b) escritura en archivos locales, o (c) ejecución de programas locales. • http://dev2dev.bea.com/pub/advisory/277 http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/28795 http://secunia.com/advisories/28888 http://secunia.com/advisories/29214 http://secunia.com/advisories/29498 http://secunia.com/advisories/29841 http://secunia.com/advisories/29858 http://secunia.com/advisories/29897 http://secunia.com/advisories/30676 http://secunia.com/advisories/30780 http://secunia.com/advisories/31497 http • CWE-264: Permissions, Privileges, and Access Controls •