CVSS: 7.5EPSS: 4%CPEs: 122EXPL: 0CVE-2005-3906
https://notcve.org/view.php?id=CVE-2005-3906
Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vulnerabilities than CVE-2005-3905. • http://lists.apple.com/archives/security-announce/2005/Nov/msg00004.html http://secunia.com/advisories/17748 http://secunia.com/advisories/17847 http://secunia.com/advisories/18092 http://secunia.com/advisories/18435 http://secunia.com/advisories/18503 http://securitytracker.com/id?1015280 http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102003-1 http://www-1.ibm.com/support/docview.wss?uid=swg21225628 http://www.gentoo.org/security/en/glsa/glsa-200601-10.xml htt •
CVSS: 7.5EPSS: 4%CPEs: 122EXPL: 0CVE-2005-3905
https://notcve.org/view.php?id=CVE-2005-3905
Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a different vulnerability than CVE-2005-3906. • http://lists.apple.com/archives/security-announce/2005/Nov/msg00004.html http://secunia.com/advisories/17748 http://secunia.com/advisories/17847 http://secunia.com/advisories/18092 http://secunia.com/advisories/18435 http://secunia.com/advisories/18503 http://securitytracker.com/id?1015280 http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102003-1 http://www-1.ibm.com/support/docview.wss?uid=swg21225628 http://www.gentoo.org/security/en/glsa/glsa-200601-10.xml htt •
CVSS: 10.0EPSS: 8%CPEs: 1EXPL: 2CVE-2005-1596
https://notcve.org/view.php?id=CVE-2005-1596
index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter. • http://secunia.com/advisories/15257 http://www.exploits.co.in/Article1134.html http://www.osvdb.org/16216 http://www.osvdb.org/16217 http://www.securiteam.com/exploits/5OP042KFPU.html http://www.vupen.com/english/advisories/2005/0508 https://exchange.xforce.ibmcloud.com/vulnerabilities/20531 •
CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 0CVE-2004-2627
https://notcve.org/view.php?id=CVE-2004-2627
Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code. • http://archives.neohapsis.com/archives/bugtraq/2004-10/0231.html http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0884.html http://secunia.com/advisories/12945 http://securitytracker.com/id?1011898 http://www.osvdb.org/11041 http://www.theregister.co.uk/2004/10/22/mobile_java_peril https://exchange.xforce.ibmcloud.com/vulnerabilities/17825 •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2002-0076
https://notcve.org/view.php?id=CVE-2002-0076
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. El verificador de bytecode del "Java Runtime Enviroment" (entorno de ejecución de java), permite que atacantes remotos se salten la "sandbox" (caja de arena) de Java y ejecuten comandos a través de un applet que tiene una conversión de tipo ilegal. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218 http://www.iss.net/security_center/static/8480.php http://www.securityfocus.com/bid/4313 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013 •