VYPR

SDK

by Sun Corporation

CVEs (128)

  • CVE-2009-3871Nov 5, 2009
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before…

  • CVE-2009-1098Mar 25, 2009
    risk 0.01cvss epss 0.07

    Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka…

  • CVE-2008-5359Dec 5, 2008
    risk 0.01cvss epss 0.11

    Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a…

  • CVE-2008-5357Dec 5, 2008
    risk 0.01cvss epss 0.10

    Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted…

  • CVE-2008-5356Dec 5, 2008
    risk 0.01cvss epss 0.09

    Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file.

  • CVE-2008-5355Dec 5, 2008
    risk 0.01cvss epss 0.08

    The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not verify the signature of the JRE that is downloaded, which allows remote attackers to…

  • CVE-2008-2086Dec 5, 2008
    risk 0.01cvss epss 0.07

    Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs,…

  • CVE-2008-3113Jul 9, 2008
    risk 0.01cvss epss 0.06

    Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.

  • CVE-2008-1190Mar 6, 2008
    risk 0.01cvss epss 0.17

    Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth"…

  • CVE-2008-1189Mar 6, 2008
    risk 0.01cvss epss 0.07

    Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.

  • CVE-2008-1196Mar 6, 2008
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.

  • CVE-2007-3504Jun 30, 2007
    risk 0.01cvss epss 0.06

    Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants…

  • CVE-2005-1080May 2, 2005
    risk 0.01cvss epss 0.07

    Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.

  • CVE-2002-0058Mar 15, 2002
    risk 0.01cvss epss 0.09

    Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and…

  • CVE-2010-4476Feb 17, 2011
    risk 0.00cvss epss 0.23

    The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a…

  • CVE-2010-4475Feb 17, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect…

  • CVE-2010-4473Feb 17, 2011
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors…

  • CVE-2010-4469Feb 17, 2011
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect…

  • CVE-2010-4466Feb 17, 2011
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.2_29 and earlier for Windows allows remote untrusted Java Web Start…

  • CVE-2010-4465Feb 17, 2011
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect…

Page 2 of 7