CVSS: 4.3EPSS: 1%CPEs: 94EXPL: 0CVE-2007-2789 – BMP image parser vulnerability
https://notcve.org/view.php?id=CVE-2007-2789
The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux systems, allows remote attackers to cause a denial of service (JVM hang) via untrusted applets or applications that open arbitrary local files via a crafted BMP file, such as /dev/tty. El analizador de imágenes BMP en Sun Java Development Kit (JDK) versiones anteriores a 1.5.0_11-b03 y versiones 1.6.x anteriores a 1.6.0_01-b06, y Sun Java Runtime Environment en JDK y JRE versión 6, JDK y JRE versión 5.0 Update 10 y anteriores, SDK y JRE versión 1.4.2_14 y anteriores, y SDK y JRE versión 1.3.1_19 y anteriores, cuando se ejecutan en sistemas Unix/Linux, permiten a atacantes remotos causar una denegación de servicio (bloqueo de JVM) por medio de applets o aplicaciones no confiables que abren archivos locales arbitrarios por medio de un archivo BMP diseñado, tales como /dev/tty. • http://dev2dev.bea.com/pub/advisory/248 http://docs.info.apple.com/article.html?artnum=307177 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://scary.beasts.org/security/CESA-2006-004.html http://secunia.com/advisories/25295 http://secunia.com/advisories/25474 http://secunia.com/advisories/25832 http://secunia.com/advisories/26049 http://secunia.com/advisories/26119 http://secunia.com/advisories/26311 http://secunia.com/advisories/26369 http:& • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 38%CPEs: 37EXPL: 1CVE-2007-0243 – Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2007-0243
Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption. Desbordamiento de búfer en el Sun JDK y el Java Runtime Environment (JRE) 5.0 Actualizada a la 9 y anteriores, SDK y JRE 1.4.2_12 y anteriores y SDK y JRE 1.3.1_18 y anteriores permite a los applets obtener privilegios mediante una imagen GIF con un bloque con un campo de longitud 0, el cual dispara una corrupción de memoria. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java Virtual Machine (JVM). User interaction is required to exploit this vulnerability in that the target must visit a malicious website. The specific flaw exists during the parsing of GIF image components. When the image width in an image block of a valid GIF file is set to 0, the Java runtime will allocate the specified size but subsequently copy all data to the under allocated memory chunk. • https://www.exploit-db.com/exploits/3168 http://dev2dev.bea.com/pub/advisory/242 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://osvdb.org/32834 http://secunia.com/advisories/23757 http://secunia.com/advisories/24189 http://secunia.com/advisories/24202 http://secunia.com/advisories/24468 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2006-6009
https://notcve.org/view.php?id=CVE-2006-6009
Unspecified vulnerability in the Java Runtime Environment (JRE) Swing library in JDK and JRE 5.0 Update 7 and earlier allows attackers to obtain certain information via unknown attack vectors, related to an untrusted applet accessing data in other applets. Vulnerabilidad no especificada en la librería Java Runtime Environment (JRE) Swing de JDKy JRE 5.0 Update 7 y anteriores permite a atacantes remotos obtener determinada información mediante vectores de ataque no especificados, relacionados con un applet no confiable que accede a datos de otros applets. • http://secunia.com/advisories/22910 http://securitytracker.com/id?1017229 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1 http://www.securityfocus.com/bid/21077 http://www.vupen.com/english/advisories/2006/4523 https://exchange.xforce.ibmcloud.com/vulnerabilities/30304 •
CVSS: 4.0EPSS: 1%CPEs: 95EXPL: 0CVE-2006-5201
https://notcve.org/view.php?id=CVE-2006-5201
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1. Múltiples paquetes sobre Sun Solaris, incluyendo (1) NSS; (2) Java JDK and JRE 5.0 Update 8 y anteriores, SDK y JRE 1.4.x hasta 1.4.2_12, y SDK y JRE 1.3.x hasta 1.3.1_19; (3) JSSE 1.0.3_03 y anteriores; (4) IPSec/IKE; (5) Secure Global Desktop; y (6) StarOffice, cuando se usa una llave RSA con un exponente 3, elimina el relleno PKCS-1 antes de generar un hash, lo cual permite a un atacante remoto falsificar una firma PKCS #1 v1.5 que esta firmada por una llave RSA y evita que estos productos verifiquen correctamente X.509 y otros certificados que utilicen PKCS #1. • http://secunia.com/advisories/22204 http://secunia.com/advisories/22226 http://secunia.com/advisories/22325 http://secunia.com/advisories/22992 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm http://www.kb.cert.org/vuls/id/845620 http://www.vupen.com/english/advisories/2006/3898 http://www.vupen.com/english/advisories/2006&# •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2006-0616
https://notcve.org/view.php?id=CVE-2006-0616
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue." • http://docs.info.apple.com/article.html?artnum=303658 http://secunia.com/advisories/18760 http://secunia.com/advisories/18884 http://securitytracker.com/id?1015596 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102171-1 http://www.gentoo.org/security/en/glsa/glsa-200602-07.xml http://www.kb.cert.org/vuls/id/759996 http://www.vupen.com/english/advisories/2006/0467 http://www.vupen.com/english/advisories/2006/0828 http://www.vupen.com/english/advisories/ •