Page 86 of 430 results (0.022 seconds)

CVSS: 5.0EPSS: 27%CPEs: 84EXPL: 0

readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data. • http://archives.neohapsis.com/archives/bugtraq/2005-04/0113.html http://secunia.com/advisories/13271 http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-57707-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/20027 •

CVSS: 9.3EPSS: 19%CPEs: 157EXPL: 1

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. • https://www.exploit-db.com/exploits/24763 http://jouko.iki.fi/adv/javaplugin.html http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html http://secunia.com/advisories/13271 http://secunia.com/advisories/29035 http://securityreason.com/securityalert/61 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1 http://sunsolve.sun.co • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0

Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). Vulnerabilidad desconocida en Sun Java Runtime Environment (JRE) 1.4.2 a 1.4.2_03 permite a atacantes remotos causar una denegación de servicio (cuelgue de la máquina virtual). • http://marc.info/?l=bugtraq&m=108559041910233&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57555 http://www.kb.cert.org/vuls/id/118558 http://www.securityfocus.com/advisories/6773 http://www.securityfocus.com/bid/10301 https://exchange.xforce.ibmcloud.com/vulnerabilities/16085 •

CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 1

Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. • http://www.securityfocus.com/archive/1/343038 http://www.securityfocus.com/bid/8937 https://exchange.xforce.ibmcloud.com/vulnerabilities/13570 •

CVSS: 5.0EPSS: 6%CPEs: 17EXPL: 1

Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses. • http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4396719 http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4944300 http://www.illegalaccess.org/exploit/ObjectStackOverflow.html http://www.securityfocus.com/archive/1/434705/100/0/threaded http://www.securityfocus.com/bid/18058 •