This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sun:jdk:6:update_4
Detail
VendorSunFirst view 2008-03-06
ProductJdkLast view 2009-08-06
Version6TypeApplication
Edition 
Language 
Updateupdate_4 
 
CPE Productcpe:/a:sun:jdk

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
52009-08-06CVE-2009-2625NetworkLowNone Requ...
102009-08-05CVE-2009-2675NetworkLowNone Requ...
7.52009-08-05CVE-2009-2674NetworkLowNone Requ...
7.52009-08-05CVE-2009-2673NetworkLowNone Requ...
7.52009-08-05CVE-2009-2672NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52009-08-05CVE-2009-2671NetworkLowNone Requ...
52009-08-05CVE-2009-2670NetworkLowNone Requ...
6.42008-12-05CVE-2008-5360NetworkLowNone Requ...
9.32008-12-05CVE-2008-5359NetworkMediumNone Requ...
9.32008-12-05CVE-2008-5358NetworkMediumNone Requ...
9.32008-12-05CVE-2008-5357NetworkMediumNone Requ...
9.32008-12-05CVE-2008-5356NetworkMediumNone Requ...
102008-12-05CVE-2008-5355NetworkLowNone Requ...
9.32008-12-05CVE-2008-5354NetworkMediumNone Requ...
102008-12-05CVE-2008-5353NetworkLowNone Requ...
9.32008-12-05CVE-2008-5352NetworkMediumNone Requ...
7.52008-12-05CVE-2008-5351NetworkLowNone Requ...
52008-12-05CVE-2008-5350NetworkLowNone Requ...
7.12008-12-05CVE-2008-5349NetworkMediumNone Requ...
7.12008-12-05CVE-2008-5348NetworkMediumNone Requ...
7.52008-12-05CVE-2008-5347NetworkLowNone Requ...
7.52008-12-05CVE-2008-5345NetworkLowNone Requ...
7.52008-12-05CVE-2008-5344NetworkLowNone Requ...
92008-12-05CVE-2008-5343NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
58% (18)CWE-264Permissions, Privileges, and Access Controls
12% (4)CWE-200Information Exposure
12% (4)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
6% (2)CWE-189Numeric Errors
3% (1)CWE-287Improper Authentication
Hide | Show 2 More...
%idName
3% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
3% (1)CWE-16Configuration

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:10278Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Upd...
oval:org.mitre.oval:def:22027ELSA-2008:0243: java-1.4.2-bea security update (Moderate)
oval:org.mitre.oval:def:5601Java Web Start Bugs Let Remote Users Read/Write Files, Execute Arbitrary Code...
oval:org.mitre.oval:def:10920Unspecified vulnerability in the Java Management Extensions (JMX) management ...
oval:org.mitre.oval:def:22657ELSA-2008:0891: java-1.5.0-ibm security update (Moderate)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:9565Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in...
oval:org.mitre.oval:def:11274Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtim...
oval:org.mitre.oval:def:10866Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JR...
oval:org.mitre.oval:def:10219Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environm...
oval:org.mitre.oval:def:8540Unspecified vulnerability in scripting language support in Sun Java Runtime E...
oval:org.mitre.oval:def:10734Unspecified vulnerability in scripting language support in Sun Java Runtime E...
oval:org.mitre.oval:def:11102Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 befo...
oval:org.mitre.oval:def:9755Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Updat...
oval:org.mitre.oval:def:22711ELSA-2008:0955: java-1.4.2-ibm security update (Critical)
oval:org.mitre.oval:def:22662ELSA-2008:0790: java-1.5.0-ibm security update (Critical)
oval:org.mitre.oval:def:22640ELSA-2008:0595: java-1.5.0-sun security update (Critical)
oval:org.mitre.oval:def:22389ELSA-2008:0594: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:22274ELSA-2008:0906: java-1.6.0-ibm security update (Critical)
oval:org.mitre.oval:def:6409Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allo...
oval:org.mitre.oval:def:6627Sun Java Multiple Code Execution and Security Bypass Vulnerabilities
oval:org.mitre.oval:def:6529Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and ...
oval:org.mitre.oval:def:6359Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Ja...
oval:org.mitre.oval:def:5924Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
oval:org.mitre.oval:def:6249Sun Java Web Start and Java Plug-in applet class security bypass
oval:org.mitre.oval:def:6059Sun Java Runtime Environment (JRE) Lets Remote Users Access 'localhost'

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
56984Apache Xerces2 Java Malformed XML Input DoS
56788Sun Java JDK / JRE Audio System Unauthorized java.lang.System Properties Access
56787Sun Java JDK / JRE WebStart (javaws.exe) JPEG Decompression Overflow
56786Sun Java JDK / JRE Pack200 JAR File Decoding Inner Class Count Overflow
56785Sun Java JDK / JRE Proxy Mechanism Implementation Arbitrary Host Connection
Hide | Show 20 More...
idDescription
56784Sun Java JDK / JRE Proxy Mechanism Implementation Unauthorized Browser Cookie...
56783Sun Java JDK / JRE SOCKS Proxy Implementation Applet Process Owner Disclosure
50517Sun Java JDK / JRE TrueType Font Processing Integer Overflow
50516Sun Java JDK / JRE TrueType Font Processing Heap Overflow
50515Sun Java JDK / JRE GIF Image Decoding Memory Corruption
50514Sun Java JDK / JRE Java Web Start BasicService Arbitrary File Access
50513Sun Java JDK / JRE Applet Classloading Privilege Escalation
50512Sun Java JDK / JRE Jave Web Start / Plug-in HTTP Session Hijacking
50511Sun Java JDK / JRE Java Web Start SingleInstanceImpl Class SI_FILEDIR Propert...
50510Sun Java JDK / JRE Java Web Start (JWS) JNLP File System Properties Override ...
50509Sun Java JDK / JRE Java Web Start Application file: Protocol Arbitrary File A...
50508Sun Java JRE LocalHost Network Access Restriction Bypass
50506Sun Java JDK / JRE JAX-WS / JAXB Packages Internal Classes Applet Privilege E...
50505Sun Java JDK / JRE Kerberos Authentication Unspecified Remote DoS
50504Sun Java JDK / JRE RSA Public Key Processing Resource Consumption DoS
50503Sun Java JDK / JRE Untrusted Applet User Home Directory Content Listing
50502Sun Java JDK / JRE UTF-8 Decoder Non-shortest Form Sequence Handling Weakness
50501Sun Java JDK / JRE Unpack200 JAR Utility Privilege Escalation
50500Sun Java JDK / JRE Deserializing Calendar Object Privilege Escalation
50499Sun Java JDK / JRE Command Line Application Overflow

ExploitDB Exploits

idDescription
16302Signed Applet Social Engineering Code Exec
16293Sun Java Calendar Deserialization Exploit
9948Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati...
8753Mac OS X Java applet Remote Deserialization Remote PoC (updated)

Metasploit Exploits

idDescription
2008-12-03Sun Java Calendar Deserialization Privilege Escalation

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-06-06Name : RedHat Update for xerces-j2 RHSA-2011:0858-01
File : nvt/gb_RHSA-2011_0858-01_xerces-j2.nasl
2011-08-09Name : CentOS Update for xerces-j2 CESA-2009:1615 centos5 i386
File : nvt/gb_CESA-2009_1615_xerces-j2_centos5_i386.nasl
2011-08-09Name : CentOS Update for java CESA-2009:1201 centos5 i386
File : nvt/gb_CESA-2009_1201_java_centos5_i386.nasl
2011-06-20Name : Mandriva Update for xerces-j2 MDVSA-2011:108 (xerces-j2)
File : nvt/gb_mandriva_MDVSA_2011_108.nasl
2010-10-10Name : FreeBSD Ports: apr
File : nvt/freebsd_apr0.nasl
Hide | Show 20 More...
idDescription
2010-05-28Name : Java for Mac OS X 10.5 Update 2
File : nvt/macosx_java_for_10_5_upd_2.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 3
File : nvt/macosx_java_for_10_5_upd_3.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 4
File : nvt/macosx_java_for_10_5_upd_4.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 5
File : nvt/macosx_java_for_10_5_upd_5.nasl
2010-04-16Name : Ubuntu Update for cmake vulnerabilities USN-890-6
File : nvt/gb_ubuntu_USN_890_6.nasl
2010-02-19Name : Ubuntu Update for xmlrpc-c vulnerabilities USN-890-5
File : nvt/gb_ubuntu_USN_890_5.nasl
2010-01-29Name : Ubuntu Update for python-xml vulnerabilities USN-890-4
File : nvt/gb_ubuntu_USN_890_4.nasl
2010-01-25Name : Ubuntu Update for python2.4 vulnerabilities USN-890-3
File : nvt/gb_ubuntu_USN_890_3.nasl
2010-01-22Name : Ubuntu Update for expat vulnerabilities USN-890-1
File : nvt/gb_ubuntu_USN_890_1.nasl
2010-01-22Name : Ubuntu Update for python2.5 vulnerabilities USN-890-2
File : nvt/gb_ubuntu_USN_890_2.nasl
2010-01-15Name : Mandriva Update for davfs MDVSA-2009:220-1 (davfs)
File : nvt/gb_mandriva_MDVSA_2009_220_1.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-1 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_1.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-2 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_2.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-3 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_3.nasl
2009-12-30Name : CentOS Security Advisory CESA-2009:1615 (xerces-j2)
File : nvt/ovcesa2009_1615.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:211-1 (expat)
File : nvt/mdksa_2009_211_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:212-1 (python)
File : nvt/mdksa_2009_212_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:213-1 (wxgtk)
File : nvt/mdksa_2009_213_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:215-1 (audacity)
File : nvt/mdksa_2009_215_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:217-3 (mozilla-thunderbird)
File : nvt/mdksa_2009_217_3.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2012-A-0136Multiple Vulnerabilities in Juniper Network Management Products
Severity : Category I - VMSKEY : V0033662
2009-A-0105Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0021867

Snort® IPS/IDS

DateDescription
2014-01-10Phoenix exploit kit post-compromise behavior
RuleID : 21860 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Phoenix exploit kit landing page
RuleID : 21640 - Type : EXPLOIT-KIT - Revision : 5
2014-01-10Oracle Java calendar deserialize vulnerability
RuleID : 20238 - Type : SERVER-OTHER - Revision : 4
2014-01-10Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow
RuleID : 17563 - Type : FILE-JAVA - Revision : 8
2014-01-10Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt
RuleID : 17562 - Type : FILE-JAVA - Revision : 9
Hide | Show 1 More...
DateDescription
2014-01-10Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt
RuleID : 17395 - Type : FILE-IMAGE - Revision : 10

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-12-15Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15905.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2012-1537.nasl - Type : ACT_GATHER_INFO
2013-09-13Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_psn_2012_08_689.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1615.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0858.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1201.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_j2se_4_2_18_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host contains a runtime environment that is affected by multi...
File : sun_java_jre_244986_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host contains a runtime environment that is affected by multi...
File : sun_java_jre_263408_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_jre_5_16_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_jre_6_7_unix.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0594.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1636.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1637.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1649.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1650.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0245.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0267.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090117_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110608_xerces_j2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090806_java_1_6_0_openjdk_on_SL5_3.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090824_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080714_java__jdk_1_5_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091130_xerces_j2_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-06-14Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-108.nasl - Type : ACT_GATHER_INFO