Page 91 of 693 results (0.014 seconds)

CVSS: 5.0EPSS: 0%CPEs: 82EXPL: 0

CVE-2012-5072 – OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)

https://notcve.org/view.php?id=CVE-2012-5072

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores, v6 Update 35 y anteriores permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con la Seguridad • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat.com/errata/RHSA-2012-1385.html http://rhn.redhat.com/errata/RHSA-2012-1386.html http://rhn.redhat.com/errata/RHSA-2012-1391.html http:&# •

CVSS: 7.6EPSS: 1%CPEs: 224EXPL: 0

CVE-2012-5084 – OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)

https://notcve.org/view.php?id=CVE-2012-5084

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores, v6 Update 35 y anteriores, v5.0 Update 36 y anteriores, y v1.4.2_38 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Swing. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat •

CVSS: 10.0EPSS: 12%CPEs: 14EXPL: 0

CVE-2012-1682 – Oracle Java java.beans.Statement Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2012-1682

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update v6 y anteriores que afecta a la confidencialidad, integridad y disponibilidad, a través de vectores desconocidos relacionados con (Beans), una vulnerabilidad diferente de CVE-2012-3136. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the java.beans.Expression class. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://marc.info/?l=bugtraq&m=135109152819176&w=2 http://rhn.redhat.com/errata/RHSA-2012-1222.html http://rhn.redhat.com/errata/RHSA-2012-1225.html http://rhn.redhat.com/errata/RHSA-2012-1466.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http:/ •

CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0

CVE-2012-3136 – OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)

https://notcve.org/view.php?id=CVE-2012-3136

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update v6 y anteriores, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con (Beans), una vulnerabilidad diferente de CVE-2012-1682. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://marc.info/?l=bugtraq&m=135109152819176&w=2 http://rhn.redhat.com/errata/RHSA-2012-1225.html http://secunia.com/advisories/51044 http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html https://access.redhat.com/security/cve/CVE-2012-3136 https://bugzilla.redhat.com/show_bug.cgi?id=853138 •

CVSS: 0EPSS: 1%CPEs: 79EXPL: 1

CVE-2012-0547 – Java 7 Applet - Remote Code Execution

https://notcve.org/view.php?id=CVE-2012-0547

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references." Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update v6 y anteriores, y 6 Update v34 no tiene impacto y no tiene impacto y vectores de ataque a distancia que implican AWT y "un security-in-depth que no es directamente explotable, pero que se puede utilizar para agravar las vulnerabilidades de seguridad que pueden ser explotadas directamente". NOTA: este identificador fue asignado por el CNA Oracle, pero CVE no se destina a cubrir los problemas (defense-in-depth) que se exponen sólo por la presencia de otras vulnerabilidades. • https://www.exploit-db.com/exploits/20865 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://marc.info/?l=bugtraq&m=135161897205627&w=2 http://rhn.redhat.com/errata/RHSA-2012-1222.html http://rhn.redhat.com/errata/RHSA-2012-1225.html http://rhn.redhat.com/errata/RHSA-2012-1392.html http://rhn.r •