6 results (0.021 seconds)

CVSS: 9.3EPSS: 2%CPEs: 46EXPL: 0

Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE. Múltiples vulnerabilidades no especificadas en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 7 y anteriores, y Java System Development Kit (SDK) y JRE1.4.2_12 y anteriores versiones 1.4.x, permiten a atacantes remotos desarrollar applets o aplicaciones Java que son capaces de obtener privilegios, relacionados con la serialización en JRE. • http://dev2dev.bea.com/pub/advisory/240 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html http://secunia.com/advisories/23445 http://secunia.com/advisories/23650 http://secunia.com/advisories/23835 http://secunia.com/advisories/24099 http:&#x •

CVSS: 5.0EPSS: 1%CPEs: 10EXPL: 0

The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities. Java Plug-in J2SE 1.3.0_02 hasta 5.0 Update 5, y Java Web Start 1.0 hasta 1.2 y J2SE 1.4.2 hasta 5.0 Update 5, permite a atacantes remotos explotar vulnerabilidades especificando una versión JRE que contiene vulnerabilidades. • http://secunia.com/advisories/21570 http://securitytracker.com/id?1016732 http://securitytracker.com/id?1016733 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.osvdb.org/28109 http://www.securityfocus.com/archive/1/382413 http://www.securityfocus.com/bid/11757 http://www.securityfocus.com/bid/8879 http://www.vupen.com/english/advisories/2006/3354 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications. • http://docs.info.apple.com/article.html?artnum=303658 http://secunia.com/advisories/18762 http://securitytracker.com/id?1015597 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102170-1 http://www.kb.cert.org/vuls/id/652636 http://www.securityfocus.com/bid/16540 http://www.vupen.com/english/advisories/2006/0468 http://www.vupen.com/english/advisories/2006/1398 https://exchange.xforce.ibmcloud.com/vulnerabilities/24568 •

CVSS: 5.1EPSS: 1%CPEs: 10EXPL: 0

Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges. • http://marc.info/?l=bugtraq&m=112861772130119&w=2 http://marc.info/?l=bugtraq&m=112992075412844&w=2 http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7638 http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html http://secunia.com/advisories/17272 http://securityreason.com/securityalert/56 http://securitytracker.com/id?1015643 http://sunsolve.sun.com/search/document.do? •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836. • http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html •