Page 77 of 431 results (0.010 seconds)

CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 0

CVE-2008-1191 – Untrusted Java Web Start arbitrary file creation

https://notcve.org/view.php?id=CVE-2008-1191

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue." Una vulnerabilidad no especificada en Java Web Start en Sun JDK y JRE versión 6 Update 4 y anteriores, permite a atacantes remotos crear archivos arbitrarios por medio de una aplicación no confiable, un problema diferente de CVE-2008-1190, también se conoce como "The fifth issue". • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29582 http://secunia.com/advisories/29858 http://secunia.com/advisories/30676 http://secunia.com/advisories/30780 http://secunia.com/advisories/32018 http://security.gentoo.org/glsa/glsa-200804-28.xml http://sunsolve.sun.com/sear •

CVSS: 9.3EPSS: 1%CPEs: 62EXPL: 0

CVE-2008-1186 – Untrusted applet and application privilege escalation (CVE-2008-1186)

https://notcve.org/view.php?id=CVE-2008-1186

Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue." Una vulnerabilidad no especificada en la Máquina Virtual para Sun Java Runtime Environment (JRE) y JDK versión 5.0 Update 13 y anteriores, y SDK/JRE versión 1.4.2_16 y anteriores, permite a atacantes remotos alcanzar privilegios por medio de una aplicación o applet no confiable, un problema diferente de CVE-2008-1185, también se conoce como "the second issue." • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29582 http://secunia.com/advisories/29858 http://secunia.com/advisories/30676 http://secunia.com/advisories/30780 http://secunia.com/advisories/32018 http://security.gentoo.org/glsa/glsa-200804-28.xml http://securitytracker.com/id • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 72EXPL: 0

CVE-2008-1190 – Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

https://notcve.org/view.php?id=CVE-2008-1190

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue. Una vulnerabilidad no especificada en Java Web Start en Sun JDK y JRE versión 6 Update 4 y versiones anteriores, versión 5.0 Update 14 y versiones anteriores, y SDK/JRE versión 1.4.2_16 y versiones anteriores, permite a atacantes remotos alcanzar privilegios por medio de una aplicación que no es de confianza, un problema diferente de CVE-2008-1191, también se conoce como el problema "fourth". • http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29858 http://secunia.com/advisories/29897 http://secunia.com/advisories/30676 http://s • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 0%CPEs: 116EXPL: 0

CVE-2008-1192 – Java Plugin same-origin-policy bypass

https://notcve.org/view.php?id=CVE-2008-1192

Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors. Una vulnerabilidad no especificada en el Plug-in de Java para Sun JDK y JRE versión 6 Update 4 y anteriores, y versión 5.0 Update 14 y anteriores; y SDK y JRE versión 1.4.2_16 y anteriores, y versión 1.3.1_21 y anteriores; permite a atacantes remotos omitir la política del mismo origen y "execute local applications" por medio de vectores desconocidos. • http://dev2dev.bea.com/pub/advisory/277 http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29841 http://secunia.com/advisories/29858 http: • CWE-254: 7PK - Security Features •

CVSS: 6.8EPSS: 10%CPEs: 70EXPL: 0

CVE-2008-1187 – Untrusted applet and application XSLT processing privilege escalation

https://notcve.org/view.php?id=CVE-2008-1187

Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms. Una vulnerabilidad no especificada en Sun Java Runtime Environment (JRE) y JDK versión 6 Update 4 y anteriores, versión 5.0 Update 14 y anteriores, y SDK/JRE versión 1.4.2_16 y anteriores, permite a atacantes remotos causar una denegación de servicio (bloqueo de JRE) y posiblemente ejecutar código arbitrario por medio de vectores desconocidos relacionados con las transformaciones XSLT. • http://dev2dev.bea.com/pub/advisory/277 http://download.novell.com/Download?buildid=q5exhSqeBjA~ http://jvn.jp/en/jp/JVN04032535/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://secunia.com/advisories/29239 http://secunia.com/ • CWE-264: Permissions, Privileges, and Access Controls •