Searching java software vulnerabilities

The URLConnection function in MacOS Runtime Jav

URLConnection | function | Runtime | MacOS | Java |

The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.


The default configuration of the Sun Java web s

configuration | arbitrary | attackers | boardhtml | uploading | commands | compiler | directly | earlier | default | calling | execute | servlet | remote | server | allows | then | Java | code | JSP | web | Sun | via |

The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.


The administration module in Sun Java web serve

comsunserverhttppagecompilejsp92JspServlet | administration | requesting | arbitrary | attackers | /servlet/ | uploading | commands | execute | invoke | module | begins | remote | allows | server | Java | code | web | tag | URL | Sun |

The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.


The Java logging feature for the Java Virtual M

Systemoutprintln | functions | arbitrary | Internet | Explorer | pathname | feature | logging | execute | Virtual | Machine | writes | output | which | known | Java | code | such | used | can |

The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code.


The Microsoft Java implementation, as used in I

implementation | attackers | Microsoft | Explorer | Internet | service | denial | remote | allows | cause | used | Java |

The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by providing the class name in the code parameter, aka "Incomplete Java Object Instantiation Vulnerability."


java.security.AccessController in Sun Java Virt

javasecurityAccessController | Virtual | Machine | Java | Sun |

java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument.


Sun Java Runtime Environment (JRE) and SDK 1.4.

Environment | Runtime | Java | Sun |

Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.


The Sun Java Plugin capability in Java 2 Runtim

Environment | capability | Runtime | Plugin | Java | Sun |

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code.


Multiple vulnerabilities in Konqueror in KDE 3.

vulnerabilities | Konqueror | Multiple | KDE |

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.


Java Web Start in Java 2 Platform Standard Edit

Platform | Standard | Edition | Start | Java | Web |

Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges.


Unspecified vulnerability in Java 1.4.2 before

vulnerability | Unspecified | Java |

Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives."


Java 1.4.2 before 1.4.2 Release 2 on Apple Mac

Java |

Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple programs from opening the same port as a Java ServerSocket, which allows local users to operate a Java program that intercepts network data intended for the ServerSocket of a different Java program.


Unspecified vulnerability in Java Management Ex

vulnerability | Unspecified | Management | Extensions | Java |

Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors.


Unspecified vulnerability in Java Runtime Envir

vulnerability | applications | Environment | Unspecified | involving | attackers | arbitrary | untrusted | execute | sandbox | unknown | Runtime | applets | vectors | earlier | attack | remote | allows | Update | access | escape | files | Java | JDK | via | JRE |

Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors involving untrusted Java applets.


Unspecified vulnerability in Sun Java JDK and J

vulnerability | Unspecified | reflection | privileges | involving | attackers | security | sandbox | vectors | "fourth | earlier | issue" | obtain | allows | Update | bypass | remote | Java | APIs | aka | Sun | via | JRE | JDK |

Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue."


Unspecified vulnerability in Java Applets in Op

OpenOfficeorg | vulnerability | Unspecified | Applets | Java | 11x |

Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.


Neon WebMail for Java before 5.08 allows remote

WebMail | before | Java | Neon |

Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail message with a JSP file attachment, which is stored under the web root with a predictable filename.


Multiple unspecified vulnerabilities in Sun Jav

vulnerabilities | Development | unspecified | Multiple | Java | Kit | Sun |

Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.


The design of QuickTime for Java in Apple Quick

arbitrary | attackers | execution | QuickTime | security | possibly | controls | applets | process | certain | leading | design | memory | bypass | allows | remote | before | Apple | write | code | Java | via |

The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.


The JDirect support in QuickTime for Java in Ap

interfaces | arbitrary | dangerous | attackers | QuickTime | execute | JDirect | certain | crafted | applets | exposes | support | remote | before | allows | Apple | which | Java | code | via |

The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets.


Software vulnerabilities results 1 to 20 of 247     
Page: 12345...13