CVSS: 9.3EPSS: 2%CPEs: 46EXPL: 0CVE-2006-6745
https://notcve.org/view.php?id=CVE-2006-6745
Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE. Múltiples vulnerabilidades no especificadas en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 7 y anteriores, y Java System Development Kit (SDK) y JRE1.4.2_12 y anteriores versiones 1.4.x, permiten a atacantes remotos desarrollar applets o aplicaciones Java que son capaces de obtener privilegios, relacionados con la serialización en JRE. • http://dev2dev.bea.com/pub/advisory/240 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html http://secunia.com/advisories/23445 http://secunia.com/advisories/23650 http://secunia.com/advisories/23835 http://secunia.com/advisories/24099 http:&#x •
CVSS: 4.3EPSS: 0%CPEs: 78EXPL: 0CVE-2006-6736
https://notcve.org/view.php?id=CVE-2006-6736
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue." Vulnerabilidad no especificada en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 6 y anteriores, Java System Development Kit (SDK) y JRE 1.4.2_12 y anteriores versiones 1.4.x, y SDKy JRE 1.3.1_18 y anteriores permite a atacantes remotos utilizar applets no confiables para "acceder a datos de otros applets", también mencionado como el "segundo problema". • http://docs.info.apple.com/article.html?artnum=307177 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html http://secunia.com/advisories/23398 http://secunia.com/advisories/23650 http://secunia.com/advisories/23835 http://secunia.com/advisories/24099 http://secunia.com/advisories/24189 http://secunia.com/advisories/25404 http://secunia.com/advisories/26049 http://secunia.com/advisories/ •
CVSS: 4.3EPSS: 0%CPEs: 72EXPL: 0CVE-2006-6737
https://notcve.org/view.php?id=CVE-2006-6737
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue." Vulnerabilidad no especificada en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 5 y anteriores, Java System Development Kit (SDK) y JRE 1.4.2_10 y versiones 1.4.x anteriores, y SDK y JRE 1.3.1_18 y anteriores permite a atacantes remotos utilizar applets que no son de confianza para "acceder a información de otros applets", también conocido como "El primer asunto". • http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html http://secunia.com/advisories/23398 http://secunia.com/advisories/23650 http://secunia.com/advisories/23835 http://secunia.com/advisories/24099 http://secunia.com/advisories/24189 http://secunia.com/advisories/25404 http://secunia.com/advisories/26049 http://secunia.com/advisories/26119 http://security.gentoo.org/glsa/glsa-200701-15.xml http://security.gentoo.org/glsa/glsa-200702-08.xml http://sec •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2006-6009
https://notcve.org/view.php?id=CVE-2006-6009
Unspecified vulnerability in the Java Runtime Environment (JRE) Swing library in JDK and JRE 5.0 Update 7 and earlier allows attackers to obtain certain information via unknown attack vectors, related to an untrusted applet accessing data in other applets. Vulnerabilidad no especificada en la librería Java Runtime Environment (JRE) Swing de JDKy JRE 5.0 Update 7 y anteriores permite a atacantes remotos obtener determinada información mediante vectores de ataque no especificados, relacionados con un applet no confiable que accede a datos de otros applets. • http://secunia.com/advisories/22910 http://securitytracker.com/id?1017229 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1 http://www.securityfocus.com/bid/21077 http://www.vupen.com/english/advisories/2006/4523 https://exchange.xforce.ibmcloud.com/vulnerabilities/30304 •
CVSS: 4.0EPSS: 1%CPEs: 95EXPL: 0CVE-2006-5201
https://notcve.org/view.php?id=CVE-2006-5201
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1. Múltiples paquetes sobre Sun Solaris, incluyendo (1) NSS; (2) Java JDK and JRE 5.0 Update 8 y anteriores, SDK y JRE 1.4.x hasta 1.4.2_12, y SDK y JRE 1.3.x hasta 1.3.1_19; (3) JSSE 1.0.3_03 y anteriores; (4) IPSec/IKE; (5) Secure Global Desktop; y (6) StarOffice, cuando se usa una llave RSA con un exponente 3, elimina el relleno PKCS-1 antes de generar un hash, lo cual permite a un atacante remoto falsificar una firma PKCS #1 v1.5 que esta firmada por una llave RSA y evita que estos productos verifiquen correctamente X.509 y otros certificados que utilicen PKCS #1. • http://secunia.com/advisories/22204 http://secunia.com/advisories/22226 http://secunia.com/advisories/22325 http://secunia.com/advisories/22992 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm http://www.kb.cert.org/vuls/id/845620 http://www.vupen.com/english/advisories/2006/3898 http://www.vupen.com/english/advisories/2006&# •