This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:sun:jre:1.4.2_17 |
| Detail | |||
|---|---|---|---|
| Vendor | Sun | First view | 2008-07-09 |
| Product | Jre | Last view | 2013-02-01 |
| Version | 1.4.2_17 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:sun:jre | ||
Activity : Yearly
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 10 | 2013-02-01 | CVE-2013-1481 | Network | Low | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-1480 | Network | Low | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-1478 | Network | Low | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-1476 | Network | Low | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-1475 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4 | 2013-02-01 | CVE-2013-0443 | Network | High | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-0442 | Network | Low | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-0441 | Network | Low | None Requ... | |
| 5 | 2013-02-01 | CVE-2013-0440 | Network | Low | None Requ... | |
| 5 | 2013-02-01 | CVE-2013-0434 | Network | Low | None Requ... | |
| 6.4 | 2013-02-01 | CVE-2013-0432 | Network | Low | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-0428 | Network | Low | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-0426 | Network | Low | None Requ... | |
| 10 | 2013-02-01 | CVE-2013-0425 | Network | Low | None Requ... | |
| 5 | 2013-02-01 | CVE-2013-0424 | Network | Low | None Requ... | |
| 7.6 | 2012-10-16 | CVE-2012-5089 | Network | High | None Requ... | |
| 0 | 2012-10-16 | CVE-2012-5085 | Network | Medium | Requires ... | |
| 7.6 | 2012-10-16 | CVE-2012-5084 | Network | High | None Requ... | |
| 10 | 2012-10-16 | CVE-2012-5083 | Network | Low | None Requ... | |
| 5 | 2012-10-16 | CVE-2012-5081 | Network | Low | None Requ... | |
| 5 | 2012-10-16 | CVE-2012-5079 | Network | Low | None Requ... | |
| 2.6 | 2012-10-16 | CVE-2012-5077 | Network | High | None Requ... | |
| 5 | 2012-10-16 | CVE-2012-5073 | Network | Low | None Requ... | |
| 2.6 | 2012-10-16 | CVE-2012-3216 | Network | High | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 35% (11) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 19% (6) | CWE-264 | Permissions, Privileges, and Access Controls |
| 16% (5) | CWE-200 | Information Exposure |
| 6% (2) | CWE-399 | Resource Management Errors |
| 6% (2) | CWE-189 | Numeric Errors |
| % | id | Name |
|---|---|---|
| 3% (1) | CWE-310 | Cryptographic Issues |
| 3% (1) | CWE-287 | Improper Authentication |
| 3% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 3% (1) | CWE-20 | Improper Input Validation |
| 3% (1) | CWE-16 | Configuration |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:5601 | Java Web Start Bugs Let Remote Users Read/Write Files, Execute Arbitrary Code... |
| oval:org.mitre.oval:def:9565 | Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in... |
| oval:org.mitre.oval:def:10219 | Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environm... |
| oval:org.mitre.oval:def:10541 | Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Updat... |
| oval:org.mitre.oval:def:11102 | Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 befo... |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:10454 | Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Upd... |
| oval:org.mitre.oval:def:9755 | Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Updat... |
| oval:org.mitre.oval:def:6409 | Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allo... |
| oval:org.mitre.oval:def:6627 | Sun Java Multiple Code Execution and Security Bypass Vulnerabilities |
| oval:org.mitre.oval:def:6529 | Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and ... |
| oval:org.mitre.oval:def:6359 | Unspecified vunerability in the BasicService for Java Web Start (JWS) and Jav... |
| oval:org.mitre.oval:def:5924 | Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability |
| oval:org.mitre.oval:def:6249 | Sun Java Web Start and Java Plug-in applet class security bypass |
| oval:org.mitre.oval:def:6059 | Sun Java Runtime Environment (JRE) Lets Remote Users Access 'localhost' |
| oval:org.mitre.oval:def:6629 | Sun Java Runtime Environment zip File Processing Bug Lets Remote Users Read M... |
| oval:org.mitre.oval:def:6549 | Sun Java Runtime Environment and Java Development Kit Multiple Security Vulne... |
| oval:org.mitre.oval:def:6424 | Sun Java Runtime Environment Lets Remote Users View Directory Contents |
| oval:org.mitre.oval:def:6212 | Java Runtime Environment UTF-8 Decoding Bug May Let Users Bypass Access Restr... |
| oval:org.mitre.oval:def:6511 | Sun Java Runtime Environment 'Calendar.readObject' Bug Lets Remote Applets Ga... |
| oval:org.mitre.oval:def:6537 | Sun Java Runtime Environment JAR Main-Class manifest entry buffer overflow |
| oval:org.mitre.oval:def:5664 | Sun Java Runtime Environment Java Update Fails to Validate Digital Signatures |
| oval:org.mitre.oval:def:6494 | Sun Java Runtime Environment TrueType font buffer overflow |
| oval:org.mitre.oval:def:6505 | Sun Java Runtime Environment TrueType font integer overflow |
| oval:org.mitre.oval:def:5841 | Sun Java Runtime Environment image processing code buffer overflow |
| oval:org.mitre.oval:def:6596 | Sun Java Runtime Environment temporary files weak security |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 76511 | Oracle Java SE JRE Networking Component Unspecified Remote Information Disclo... |
| 76507 | Oracle Java SE JRE JSSE Component Unspecified Remote Issue |
| 76506 | Oracle Java SE JRE RMI Component Unspecified Remote Issue (2011-3557) |
| 76505 | Oracle Java SE JRE RMI Component Unspecified Remote Issue (2011-3556) |
| 76501 | Oracle Java SE JRE Swing Component Unspecified Remote Issue |
| id | Description |
|---|---|
| 76499 | Oracle Java SE JRE jsound.dll MixerSequencer.nAddControllerEventCallback Func... |
| 76497 | Oracle Java SE JRE Networking Component java.net.Socket API UDP Socket Satura... |
| 76495 | Oracle Java SE JRE AWT Component Unspecified Remote Issue (2011-3548) |
| 73176 | Oracle Java SE / JRE AWT FileDialog.show() String Copy Overflow |
| 73085 | Oracle Java SE / JRE Deserialization Unspecified Remote Issue |
| 73083 | Oracle Java SE / JRE Networking Unspecified Remote Information Disclosure |
| 73080 | Oracle Java SE / JRE Java Web Start DLL Search Path Subversion Arbitrary DLL ... |
| 73077 | Oracle Java SE / JRE Swing Unspecified Remote Code Execution |
| 73076 | Oracle Java SE / JRE Soundbank Pointer Dereference Overflow |
| 73075 | Oracle Java SE / JRE Soundbank Compressed Data Handling Overflow |
| 73074 | Oracle Java SE / JRE Hotspot Unspecified Remote Code Execution |
| 73071 | Oracle Java SE / JRE AWT Unspecified Remote Code Execution |
| 73069 | Oracle Java SE / JRE ICC Profile Multiple Tag Parsing Memory Corruption |
| 71621 | Oracle Java SE / Java for Business Networking Unspecified Remote DoS |
| 71620 | Oracle Java SE / Java for Business Launcher Unspecified Local Issue |
| 71618 | Oracle Java SE / Java for Business Deployment Unspecified Remote Information ... |
| 71617 | Oracle Java SE / Java for Business Deployment Unspecified Remote Information ... |
| 71614 | Oracle Java SE / Java for Business Deployment Java Runtime WWW-Authenticate R... |
| 71611 | Oracle Java SE / Java for Business Sound Unspecified Remote Compromise (2010-... |
| 71610 | Oracle Java SE / Java for Business Hotspot Unspecified Remote Compromise |
ExploitDB Exploits
| id | Description |
|---|---|
| 18485 | Java MixerSequencer Object GM_Song Structure Handling Vulnerability |
| 16302 | Signed Applet Social Engineering Code Exec |
| 16298 | Sun Java JRE AWT setDiffICM Buffer Overflow |
| 16297 | Java Statement.invoke() Trusted Method Chain Exploit |
| 16294 | Sun Java JRE getSoundbank file:// URI Buffer Overflow |
| id | Description |
|---|---|
| 16293 | Sun Java Calendar Deserialization Exploit |
| 9948 | Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserialization ... |
| 8753 | Mac OS X Java applet Remote Deserialization Remote PoC (updated) |
Metasploit Exploits
| id | Description |
|---|---|
| 2009-11-04 | Sun Java JRE getSoundbank file:// URI Buffer Overflow |
| 2009-11-04 | Sun Java JRE AWT setDiffICM Buffer Overflow |
| 2008-12-03 | Sun Java Calendar Deserialization Privilege Escalation |
| 2010-03-31 | Java Statement.invoke() Trusted Method Chain Privilege Escalation |
| 2010-03-30 | Java MixerSequencer Object GM_Song Structure Handling Vulnerability |
| id | Description |
|---|---|
| 2012-08-26 | Java 7 Applet Remote Code Execution |
