CVSS: 4.0EPSS: 0%CPEs: 30EXPL: 0CVE-2006-0615
https://notcve.org/view.php?id=CVE-2006-0615
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues." • http://docs.info.apple.com/article.html?artnum=303658 http://secunia.com/advisories/18760 http://secunia.com/advisories/18884 http://securitytracker.com/id?1015596 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102171-1 http://www.gentoo.org/security/en/glsa/glsa-200602-07.xml http://www.kb.cert.org/vuls/id/759996 http://www.vupen.com/english/advisories/2006/0467 http://www.vupen.com/english/advisories/2006/0828 http://www.vupen.com/english/advisories/ •
CVSS: 10.0EPSS: 8%CPEs: 1EXPL: 2CVE-2005-1596
https://notcve.org/view.php?id=CVE-2005-1596
index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter. • http://secunia.com/advisories/15257 http://www.exploits.co.in/Article1134.html http://www.osvdb.org/16216 http://www.osvdb.org/16217 http://www.securiteam.com/exploits/5OP042KFPU.html http://www.vupen.com/english/advisories/2005/0508 https://exchange.xforce.ibmcloud.com/vulnerabilities/20531 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2331
https://notcve.org/view.php?id=CVE-2004-2331
ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag. • http://secunia.com/advisories/10743 http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html http://www.securityfocus.com/bid/9521 https://exchange.xforce.ibmcloud.com/vulnerabilities/14984 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVSS: 5.0EPSS: 0%CPEs: 61EXPL: 0CVE-2004-1145
https://notcve.org/view.php?id=CVE-2004-1145
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. • http://marc.info/?l=bugtraq&m=110356286722875&w=2 http://secunia.com/advisories/13586 http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml http://www.heise.de/security/dienste/browsercheck/tests/java.shtml http://www.kb.cert.org/vuls/id/420222 http://www.kde.org/info/security/advisory-20041220-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2004:154 http://www.redhat.com/support/errata/RHSA-2005-065.html https://exchange.xforce.ibmcloud.com/vulnera •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2004-0723
https://notcve.org/view.php?id=CVE-2004-0723
Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." • http://marc.info/?l=bugtraq&m=108948405808522&w=2 http://www.securityfocus.com/bid/10688 https://exchange.xforce.ibmcloud.com/vulnerabilities/16666 •