This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sun:jre:1.4.2_17
Detail
VendorSunFirst view 2008-07-09
ProductJreLast view 2013-02-01
Version1.4.2_17TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:sun:jre

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
10 2013-02-01 CVE-2013-1481 Network Low None Requ...
10 2013-02-01 CVE-2013-1480 Network Low None Requ...
10 2013-02-01 CVE-2013-1478 Network Low None Requ...
10 2013-02-01 CVE-2013-1476 Network Low None Requ...
10 2013-02-01 CVE-2013-1475 Network Low None Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4 2013-02-01 CVE-2013-0443 Network High None Requ...
10 2013-02-01 CVE-2013-0442 Network Low None Requ...
10 2013-02-01 CVE-2013-0441 Network Low None Requ...
5 2013-02-01 CVE-2013-0440 Network Low None Requ...
5 2013-02-01 CVE-2013-0434 Network Low None Requ...
6.4 2013-02-01 CVE-2013-0432 Network Low None Requ...
10 2013-02-01 CVE-2013-0428 Network Low None Requ...
10 2013-02-01 CVE-2013-0426 Network Low None Requ...
10 2013-02-01 CVE-2013-0425 Network Low None Requ...
5 2013-02-01 CVE-2013-0424 Network Low None Requ...
7.6 2012-10-16 CVE-2012-5089 Network High None Requ...
0 2012-10-16 CVE-2012-5085 Network Medium Requires ...
7.6 2012-10-16 CVE-2012-5084 Network High None Requ...
10 2012-10-16 CVE-2012-5083 Network Low None Requ...
5 2012-10-16 CVE-2012-5081 Network Low None Requ...
5 2012-10-16 CVE-2012-5079 Network Low None Requ...
2.6 2012-10-16 CVE-2012-5077 Network High None Requ...
5 2012-10-16 CVE-2012-5073 Network Low None Requ...
2.6 2012-10-16 CVE-2012-3216 Network High None Requ...

CWE : Common Weakness Enumeration

%idName
35% (11)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
19% (6)CWE-264Permissions, Privileges, and Access Controls
16% (5)CWE-200Information Exposure
6% (2)CWE-399Resource Management Errors
6% (2)CWE-189Numeric Errors
Hide | Show 5 More...
%idName
3% (1)CWE-310Cryptographic Issues
3% (1)CWE-287Improper Authentication
3% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
3% (1)CWE-20Improper Input Validation
3% (1)CWE-16Configuration

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:5601Java Web Start Bugs Let Remote Users Read/Write Files, Execute Arbitrary Code...
oval:org.mitre.oval:def:9565Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in...
oval:org.mitre.oval:def:10219Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environm...
oval:org.mitre.oval:def:10541Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Updat...
oval:org.mitre.oval:def:11102Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 befo...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:10454Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Upd...
oval:org.mitre.oval:def:9755Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Updat...
oval:org.mitre.oval:def:22711ELSA-2008:0955: java-1.4.2-ibm security update (Critical)
oval:org.mitre.oval:def:22662ELSA-2008:0790: java-1.5.0-ibm security update (Critical)
oval:org.mitre.oval:def:22640ELSA-2008:0595: java-1.5.0-sun security update (Critical)
oval:org.mitre.oval:def:22389ELSA-2008:0594: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:22274ELSA-2008:0906: java-1.6.0-ibm security update (Critical)
oval:org.mitre.oval:def:6409Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allo...
oval:org.mitre.oval:def:6627Sun Java Multiple Code Execution and Security Bypass Vulnerabilities
oval:org.mitre.oval:def:6529Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and ...
oval:org.mitre.oval:def:6359Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Ja...
oval:org.mitre.oval:def:5924Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
oval:org.mitre.oval:def:6249Sun Java Web Start and Java Plug-in applet class security bypass
oval:org.mitre.oval:def:6059Sun Java Runtime Environment (JRE) Lets Remote Users Access 'localhost'
oval:org.mitre.oval:def:6629Sun Java Runtime Environment zip File Processing Bug Lets Remote Users Read M...
oval:org.mitre.oval:def:6549Sun Java Runtime Environment and Java Development Kit Multiple Security Vulne...
oval:org.mitre.oval:def:6424Sun Java Runtime Environment Lets Remote Users View Directory Contents
oval:org.mitre.oval:def:6212Java Runtime Environment UTF-8 Decoding Bug May Let Users Bypass Access Restr...
oval:org.mitre.oval:def:6511Sun Java Runtime Environment 'Calendar.readObject' Bug Lets Remote Applets Ga...
oval:org.mitre.oval:def:6537Sun Java Runtime Environment JAR Main-Class manifest entry buffer overflow

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
76511Oracle Java SE JRE Networking Component Unspecified Remote Information Disclo...
76507Oracle Java SE JRE JSSE Component Unspecified Remote Issue
76506Oracle Java SE JRE RMI Component Unspecified Remote Issue (2011-3557)
76505Oracle Java SE JRE RMI Component Unspecified Remote Issue (2011-3556)
76501Oracle Java SE JRE Swing Component Unspecified Remote Issue
Hide | Show 20 More...
idDescription
76499Oracle Java SE JRE jsound.dll MixerSequencer.nAddControllerEventCallback Func...
76497Oracle Java SE JRE Networking Component java.net.Socket API UDP Socket Satura...
76495Oracle Java SE JRE AWT Component Unspecified Remote Issue (2011-3548)
73176Oracle Java SE / JRE AWT FileDialog.show() String Copy Overflow
73085Oracle Java SE / JRE Deserialization Unspecified Remote Issue
73083Oracle Java SE / JRE Networking Unspecified Remote Information Disclosure
73080Oracle Java SE / JRE Java Web Start DLL Search Path Subversion Arbitrary DLL ...
73077Oracle Java SE / JRE Swing Unspecified Remote Code Execution
73076Oracle Java SE / JRE Soundbank Pointer Dereference Overflow
73075Oracle Java SE / JRE Soundbank Compressed Data Handling Overflow
73074Oracle Java SE / JRE Hotspot Unspecified Remote Code Execution
73071Oracle Java SE / JRE AWT Unspecified Remote Code Execution
73069Oracle Java SE / JRE ICC Profile Multiple Tag Parsing Memory Corruption
71621Oracle Java SE / Java for Business Networking Unspecified Remote DoS
71620Oracle Java SE / Java for Business Launcher Unspecified Local Issue
71618Oracle Java SE / Java for Business Deployment Unspecified Remote Information ...
71617Oracle Java SE / Java for Business Deployment Unspecified Remote Information ...
71614Oracle Java SE / Java for Business Deployment Java Runtime WWW-Authenticate R...
71611Oracle Java SE / Java for Business Sound Unspecified Remote Compromise (2010-...
71610Oracle Java SE / Java for Business Hotspot Unspecified Remote Compromise

ExploitDB Exploits

idDescription
18485Java MixerSequencer Object GM_Song Structure Handling Vulnerability
16302Signed Applet Social Engineering Code Exec
16298Sun Java JRE AWT setDiffICM Buffer Overflow
16297Java Statement.invoke() Trusted Method Chain Exploit
16294Sun Java JRE getSoundbank file:// URI Buffer Overflow
Hide | Show 3 More...
idDescription
16293Sun Java Calendar Deserialization Exploit
9948Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati...
8753Mac OS X Java applet Remote Deserialization Remote PoC (updated)

Metasploit Exploits

idDescription
2009-11-04Sun Java JRE getSoundbank file:// URI Buffer Overflow
2009-11-04Sun Java JRE AWT setDiffICM Buffer Overflow
2008-12-03Sun Java Calendar Deserialization Privilege Escalation
2010-03-31Java Statement.invoke() Trusted Method Chain Privilege Escalation
2010-03-30Java MixerSequencer Object GM_Song Structure Handling Vulnerability
Hide | Show 1 More...
idDescription
2012-08-26Java 7 Applet Remote Code Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-12-13Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0828-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_0828_1.nasl
2012-12-13Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1423-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1423_1.nasl
2012-12-13Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1424-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1424_1.nasl
2012-11-02Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:169 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2012_169.nasl
2012-10-29Name : Ubuntu Update for openjdk-7 USN-1619-1
File : nvt/gb_ubuntu_USN_1619_1.nasl
Hide | Show 20 More...
idDescription
2012-10-19Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1384-01
File : nvt/gb_RHSA-2012_1384-01_java-1.6.0-openjdk.nasl
2012-10-19Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1385-01
File : nvt/gb_RHSA-2012_1385-01_java-1.6.0-openjdk.nasl
2012-10-19Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1386-01
File : nvt/gb_RHSA-2012_1386-01_java-1.7.0-openjdk.nasl
2012-10-19Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct (Windows)
File : nvt/gb_oracle_java_se_mult_vuln01_oct12_win.nasl
2012-10-19Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16346
File : nvt/gb_fedora_2012_16346_java-1.7.0-openjdk_fc17.nasl
2012-10-19Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows)
File : nvt/gb_oracle_java_se_mult_vuln02_oct12_win.nasl
2012-10-19Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-16351
File : nvt/gb_fedora_2012_16351_java-1.6.0-openjdk_fc16.nasl
2012-10-19Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351
File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl
2012-10-19Name : CentOS Update for java CESA-2012:1384 centos6
File : nvt/gb_CESA-2012_1384_java_centos6.nasl
2012-10-19Name : CentOS Update for java CESA-2012:1385 centos5
File : nvt/gb_CESA-2012_1385_java_centos5.nasl
2012-10-19Name : CentOS Update for java CESA-2012:1386 centos6
File : nvt/gb_CESA-2012_1386_java_centos6.nasl
2012-09-22Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-13127
File : nvt/gb_fedora_2012_13127_java-1.6.0-openjdk_fc16.nasl
2012-09-21Name : Java for Mac OS X 10.6 Update 10
File : nvt/gb_macosx_java_10_6_upd_10.nasl
2012-09-06Name : Ubuntu Update for icedtea-web USN-1505-2
File : nvt/gb_ubuntu_USN_1505_2.nasl
2012-09-04Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1223-01
File : nvt/gb_RHSA-2012_1223-01_java-1.7.0-openjdk.nasl
2012-09-04Name : CentOS Update for java CESA-2012:1223 centos6
File : nvt/gb_CESA-2012_1223_java_centos6.nasl
2012-09-04Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13131
File : nvt/gb_fedora_2012_13131_java-1.7.0-openjdk_fc17.nasl
2012-09-04Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13138
File : nvt/gb_fedora_2012_13138_java-1.7.0-openjdk_fc16.nasl
2012-09-03Name : Oracle Java SE JRE AWT Component Unspecified Vulnerability - (Windows)
File : nvt/gb_oracle_java_se_jre_awt_comp_unspecified_vuln_win.nasl
2012-09-03Name : Oracle Java SE JRE Multiple Remote Code Execution Vulnerabilities - (Windows)
File : nvt/gb_oracle_java_se_jre_mult_code_exec_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2012-A-0153Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884
2012-A-0146Multiple Vulnerabilities in VMware vCenter Update Manager 4.1
Severity : Category I - VMSKEY : V0033792
2012-A-0147Multiple Vulnerabilities in VMware vCenter Server 4.1
Severity : Category I - VMSKEY : V0033793
2012-A-0148Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0033794
2012-A-0136Multiple Vulnerabilities in Juniper Network Management Products
Severity : Category I - VMSKEY : V0033662
Hide | Show 6 More...
idDescription
2012-B-0048Multiple Vulnerabilities in HP Systems Insight Manager
Severity : Category I - VMSKEY : V0032178
2012-A-0048Multiple Vulnerabilities in VMware vCenter Update Manager 5.0
Severity : Category I - VMSKEY : V0031901
2011-A-0173Multiple Vulnerabilities in VMware ESX 4.0
Severity : Category I - VMSKEY : V0030824
2011-A-0160Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana...
Severity : Category I - VMSKEY : V0030769
2011-A-0066Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158
2009-A-0105Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0021867

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-03-13Java FileDialog heap buffer overflow attempt
RuleID : 29643 - Type : MALWARE-OTHER - Revision : 1
2014-03-13Java FileDialog heap buffer overflow attempt
RuleID : 29642 - Type : MALWARE-OTHER - Revision : 1
2014-03-13Java FileDialog heap buffer overflow attempt
RuleID : 29641 - Type : MALWARE-OTHER - Revision : 1
2014-03-13Java FileDialog heap buffer overflow attempt
RuleID : 29640 - Type : MALWARE-OTHER - Revision : 1
2014-02-21Styx exploit kit eot outbound connection
RuleID : 29453 - Type : EXPLOIT-KIT - Revision : 1
Hide | Show 20 More...
DateDescription
2014-02-21Styx exploit kit landing page request
RuleID : 29452 - Type : EXPLOIT-KIT - Revision : 1
2014-02-21Styx exploit kit outbound jar request
RuleID : 29451 - Type : EXPLOIT-KIT - Revision : 2
2014-02-21Styx exploit kit outbound connection attempt
RuleID : 29450 - Type : EXPLOIT-KIT - Revision : 1
2014-02-21Styx exploit kit landing page
RuleID : 29449 - Type : EXPLOIT-KIT - Revision : 1
2014-02-21Styx exploit kit landing page
RuleID : 29448 - Type : EXPLOIT-KIT - Revision : 1
2014-02-21Styx exploit kit jar outbound connection
RuleID : 29446 - Type : EXPLOIT-KIT - Revision : 2
2014-02-21Styx exploit kit fonts download page
RuleID : 29445 - Type : EXPLOIT-KIT - Revision : 1
2014-01-30Stamp exploit kit PDF exploit retrieval attempt
RuleID : 29131 - Type : EXPLOIT-KIT - Revision : 1
2014-01-30Stamp exploit kit malicious payload download attempt
RuleID : 29130 - Type : EXPLOIT-KIT - Revision : 1
2014-01-30Stamp exploit kit jar exploit download - specific structure
RuleID : 29129 - Type : EXPLOIT-KIT - Revision : 1
2014-01-30Stamp exploit kit plugin detection page
RuleID : 29128 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Styx exploit kit landing page request
RuleID : 28478 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10Styx exploit kit outbound pdf request
RuleID : 28477 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Multiple exploit kit Payload detection - readme.dll
RuleID : 27898 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Multiple exploit kit Payload detection - calc.dll
RuleID : 27897 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Multiple exploit kit Payload detection - contacts.dll
RuleID : 27896 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Multiple exploit kit Payload detection - info.dll
RuleID : 27895 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Multiple exploit kit Payload detection - about.dll
RuleID : 27894 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Blackholev2/Darkleech exploit kit landing page request
RuleID : 27865-community - Type : EXPLOIT-KIT - Revision : 6
2014-01-10Blackholev2/Darkleech exploit kit landing page request
RuleID : 27865 - Type : EXPLOIT-KIT - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-08-22Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_jsa10642.nasl - Type : ACT_GATHER_INFO
2014-07-22Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_jrockit_cpu_apr_2012.nasl - Type : ACT_GATHER_INFO
2014-07-18Name : The remote Windows host contains a programming platform that is potentially a...
File : oracle_jrockit_cpu_oct_2012.nasl - Type : ACT_GATHER_INFO
2014-06-30Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-592.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_icedtea-web-110627.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-749.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-openjdk-101103.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-754.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-755.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-openjdk-110228.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-openjdk-111025.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-sun-101019.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-sun-110217.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-sun-110608.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-sun-111024.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-136.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_icedtea-web-110627.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_java-1_6_0-openjdk-111025.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_java-1_6_0-openjdk-120222.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_java-1_6_0-sun-110314.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_java-1_6_0-sun-110608.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_java-1_6_0-sun-111024.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-131.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-165.nasl - Type : ACT_GATHER_INFO