CVSS: 8.3EPSS: 5%CPEs: 12EXPL: 0CVE-2008-3105 – OpenJDK JAX-WS unauthorized URL access (6542088)
https://notcve.org/view.php?id=CVE-2008-3105
Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving "processing of XML data" by a trusted application. Vulnerabilidad no especificada en el cliente y servicio JAX-WS de Sun Java Runtime Environment (JRE), de JDK y JRE 6 Update 6 y anteriores permite a atacantes remotos acceder a URLs o provocar una denegación de servicio mediante vectores desconocidos que involucra "procesado de datos XML" por una aplicación de confianza. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 http://secunia.com/advisories/31010 http://secunia.com/advisories/31600 http://secunia.com/advisories/32018 http://secunia.com/advisories/32179 http://secunia.com/advisories/32180 http://secunia.com/advisories/32436 http://secunia.com/advisories/33237 http://secunia.com/advisories& • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 2%CPEs: 77EXPL: 0CVE-2008-3112 – Sun Java Web Start Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2008-3112
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909. Vulnerabilidad no especificada en Sun Java Web Start de JDK y JRE 6 versiones anteriores a Update 7, JDK y JRE 5.0 versiones anteriores a Update 16, y SDK y JRE 1.4.x versiones anteriores a 1.4.2_18 permite a atacantes remotos crear ficheros de su elección a través de una aplicación no confiable, también conocido como CR 6703909. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the writeManifest() method of the CacheEntry class. A directory traversal flaw in this method allows the creation of arbitrary files on the target system. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 h • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 3%CPEs: 102EXPL: 0CVE-2008-3104 – Java RE allows Same Origin Policy to be Bypassed (6687932)
https://notcve.org/view.php?id=CVE-2008-3104
Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet. Múltiples vulnerabilidades sin especificar en Sun Java Runtime Environment (JRE) en JDK y JRE 6 antes de Update 7, JDK y JRE 5.0 antes de Update 16, SDK y JRE 1.4.x antes de 1.4.2_18, y SDK y JRE 1.3.x antes de 1.3.1_23 permiten a atacantes remotos violar el modelo de seguridad para conexiones de salida de un applet conectándose a servicios del localhost que se están ejecutando en la máquina que cargó el applet. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 h • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 62%CPEs: 73EXPL: 0CVE-2008-3111 – Sun Java Web Start vm args Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-3111
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220. Múltiples desbordamientos de búfer en Sun Java Web Start en JDK y JRE versión 6 anterior a la Actualización 4, JDK y JRE versión 5.0 anterior a la Actualización 16, y SDK y JRE versión 1.4.x anterior a 1.4.2_18, permiten a los atacantes dependiendo del contexto obtener privilegios por medio de una aplicación no confiable, como se ha demostrado por (a) una aplicación que otorga privilegios para sí mismo (1) leer archivos locales, (2) escribir en archivos locales, o (3) ejecutar programas locales; y como lo demuestra por (b) un valor largo asociado con un atributo java-vm-args en una etiqueta j2se en un archivo JNLP, que activa un desbordamiento del búfer en la región stack de la memoria en la función GetVMArgsOption; también se conoce como CR 6557220. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the GetVMArgsOption() function used while parsing the java-vm-args attribute of the j2se tag in xml based JNLP files. When a user downloads a malicious JNLP file, the vulnerable attribute is read into a static buffer. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 http://secunia.com/advisories/31010 http://secunia.com/advisories/31055 http://secunia.com/advisories/31320 http://secunia.com/advisories/314 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 24%CPEs: 72EXPL: 0CVE-2008-1189 – Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
https://notcve.org/view.php?id=CVE-2008-1189
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue. El desbordamiento de búfer en Java Web Start en JDK y JRE versión 6 Update 4 y anteriores, versión 5.0 Update 14 y anteriores, y SDK/JRE versión 1.4.2_16 y anteriores, de Sun, permite a los atacantes remotos ejecutar código arbitrario por medio de vectores desconocidos, un problema diferente del CVE-2008-1188, también se conoce como el problema "third". • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29858 http://secunia.com/advisories/29897 http://secunia.com/advisories/30676 http://s • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •