sun java virtual machine vulnerabilities and exploits

(subscribe to this query)

2.6

CVSSv2

Interpretation conflict in the Sun Java Virtual Machine (JVM) allows user-assisted remote malicious users to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "...

Sun Java Virtual Machine

2.1

CVSSv2

Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception.

Sun Java 1.4.2 Sun Java 1.3.1 Sun Java 1.4.1

1 EDB exploit

7.5

CVSSv2

Java Runtime Environment (JRE) Bytecode Verifier allows remote malicious users to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and previous versions as used in Internet Explorer 4.x and 5.x...

Hp Java Jre-jdk 1.1.8 Hp Java Jre-jdk 1.2.2 Sun Jre 1.2.2 Sun Jre 1.3.0 Sun Jre 1.1.8 Hp Java Jre-jdk 1.3 Microsoft Virtual Machine 3802 Sun Jre 1.3.1 Sun Sdk 1.3.1 01 Sun Sdk 1.3.1 01a Sun Sdk 1.3 05 Sun Jdk 1.1.8 Sun Sdk 1.2.2 010 Sun Sdk 1.2.2 10

5

CVSSv2

Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 up to and including 6.1...

Sun Jre 1.2.2 Sun Jre 1.3.0 Sun Jre 1.1.8 Microsoft Virtual Machine 3802 Sun Sdk 1.1.8 007 Sun Sdk 1.2.2 010 Sun Jdk 1.1.8 Sun Sdk 1.2.2 10 Sun Sdk 1.3 02

5

CVSSv2

java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote malicious users to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument.

Sun Jre 1.2.2 Sun Jre 1.3.1

1 EDB exploit

6.4

CVSSv2

Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and previous versions allows remote malicious users to access files and execute arbitrary code via unknown vectors related to "code generation.&qu...

Sun Java

7.5

CVSSv2

The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and previous versions allows remote malicious users to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/...

Sun Jre

1 EDB exploit

10

CVSSv2

Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and previous versions, 6 Update 41 and previous versions, and 5.0 Update 40 and previous versions allows remote malicious users to execute arbitrary code vi...

Sun Jre 1.6.0 Oracle Jre 1.6.0 Oracle Jre Sun Jdk 1.6.0 Oracle Jdk 1.6.0 Oracle Jdk Sun Jre 1.5.0 Oracle Jre 1.5.0 Sun Jdk 1.5.0 Oracle Jdk 1.5.0 Oracle Jre 1.7.0 Oracle Jdk 1.7.0

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook