This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sun:jre:6:update_5
Detail
VendorSunFirst view 2008-07-09
ProductJreLast view2009-08-06
Version6TypeApplication
Edition 
Language 
Updateupdate_5 
 
CPE Productcpe:/a:sun:jre

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
52009-08-06CVE-2009-2625NetworkLowNone Requ...
102009-08-05CVE-2009-2675NetworkLowNone Requ...
7.52009-08-05CVE-2009-2674NetworkLowNone Requ...
7.52009-08-05CVE-2009-2673NetworkLowNone Requ...
7.52009-08-05CVE-2009-2672NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52009-08-05CVE-2009-2671NetworkLowNone Requ...
52009-08-05CVE-2009-2670NetworkLowNone Requ...
6.42008-12-05CVE-2008-5360NetworkLowNone Requ...
9.32008-12-05CVE-2008-5359NetworkMediumNone Requ...
9.32008-12-05CVE-2008-5358NetworkMediumNone Requ...
9.32008-12-05CVE-2008-5357NetworkMediumNone Requ...
9.32008-12-05CVE-2008-5356NetworkMediumNone Requ...
102008-12-05CVE-2008-5355NetworkLowNone Requ...
9.32008-12-05CVE-2008-5354NetworkMediumNone Requ...
102008-12-05CVE-2008-5353NetworkLowNone Requ...
9.32008-12-05CVE-2008-5352NetworkMediumNone Requ...
7.52008-12-05CVE-2008-5351NetworkLowNone Requ...
52008-12-05CVE-2008-5350NetworkLowNone Requ...
7.12008-12-05CVE-2008-5349NetworkMediumNone Requ...
7.12008-12-05CVE-2008-5348NetworkMediumNone Requ...
7.52008-12-05CVE-2008-5347NetworkLowNone Requ...
7.52008-12-05CVE-2008-5345NetworkLowNone Requ...
7.52008-12-05CVE-2008-5344NetworkLowNone Requ...
92008-12-05CVE-2008-5343NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
55% (16)CWE-264Permissions, Privileges, and Access Controls
13% (4)CWE-200Information Exposure
13% (4)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
6% (2)CWE-189Numeric Errors
3% (1)CWE-287Improper Authentication
Hide | Show 2 More...
%idName
3% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
3% (1)CWE-16Configuration

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:6249Sun Java Web Start and Java Plug-in applet class security bypass
oval:org.mitre.oval:def:11274Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtim...
oval:org.mitre.oval:def:8022HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other...
oval:org.mitre.oval:def:11326The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 befor...
oval:org.mitre.oval:def:6409Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allo...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:10920Unspecified vulnerability in the Java Management Extensions (JMX) management ...
oval:org.mitre.oval:def:22657ELSA-2008:0891: java-1.5.0-ibm security update (Moderate)
oval:org.mitre.oval:def:6529Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and ...
oval:org.mitre.oval:def:6627Sun Java Multiple Code Execution and Security Bypass Vulnerabilities
oval:org.mitre.oval:def:5841Sun Java Runtime Environment image processing code buffer overflow
oval:org.mitre.oval:def:5843Sun Java Runtime Environment RSA Public Key Processing Bug Lets Remote Users ...
oval:org.mitre.oval:def:5924Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
oval:org.mitre.oval:def:6383Sun Java Runtime Environment Buffer Overflow in unpack200 Utility Lets Remote...
oval:org.mitre.oval:def:6549Sun Java Runtime Environment and Java Development Kit Multiple Security Vulne...
oval:org.mitre.oval:def:5664Sun Java Runtime Environment Java Update Fails to Validate Digital Signatures
oval:org.mitre.oval:def:6505Sun Java Runtime Environment TrueType font integer overflow
oval:org.mitre.oval:def:6596Sun Java Runtime Environment temporary files weak security
oval:org.mitre.oval:def:13408USN-713-1 -- openjdk-6 vulnerabilities
oval:org.mitre.oval:def:22731ELSA-2009:0015: java-1.6.0-ibm security update (Critical)
oval:org.mitre.oval:def:22521ELSA-2008:1025: java-1.5.0-sun security update (Critical)
oval:org.mitre.oval:def:22263ELSA-2008:1018: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:22126ELSA-2009:0016: java-1.5.0-ibm security update (Critical)
oval:org.mitre.oval:def:21870ELSA-2009:0445: java-1.4.2-ibm security update (Critical)
oval:org.mitre.oval:def:6494Sun Java Runtime Environment TrueType font buffer overflow
oval:org.mitre.oval:def:5601Java Web Start Bugs Let Remote Users Read/Write Files, Execute Arbitrary Code...

SAINT Exploits

DescriptionLink
Java Runtime Environment JAR manifest Main Class buffer overflowMore info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
56984Apache Xerces2 Java Malformed XML Input DoS
56788Sun Java JDK / JRE Audio System Unauthorized java.lang.System Properties Access
56787Sun Java JDK / JRE WebStart (javaws.exe) JPEG Decompression Overflow
56786Sun Java JDK / JRE Pack200 JAR File Decoding Inner Class Count Overflow
56785Sun Java JDK / JRE Proxy Mechanism Implementation Arbitrary Host Connection
Hide | Show 20 More...
idDescription
56784Sun Java JDK / JRE Proxy Mechanism Implementation Unauthorized Browser Cookie...
56783Sun Java JDK / JRE SOCKS Proxy Implementation Applet Process Owner Disclosure
50517Sun Java JDK / JRE TrueType Font Processing Integer Overflow
50516Sun Java JDK / JRE TrueType Font Processing Heap Overflow
50515Sun Java JDK / JRE GIF Image Decoding Memory Corruption
50514Sun Java JDK / JRE Java Web Start BasicService Arbitrary File Access
50513Sun Java JDK / JRE Applet Classloading Privilege Escalation
50512Sun Java JDK / JRE Jave Web Start / Plug-in HTTP Session Hijacking
50511Sun Java JDK / JRE Java Web Start SingleInstanceImpl Class SI_FILEDIR Propert...
50510Sun Java JDK / JRE Java Web Start (JWS) JNLP File System Properties Override ...
50509Sun Java JDK / JRE Java Web Start Application file: Protocol Arbitrary File A...
50508Sun Java JRE LocalHost Network Access Restriction Bypass
50506Sun Java JDK / JRE JAX-WS / JAXB Packages Internal Classes Applet Privilege E...
50505Sun Java JDK / JRE Kerberos Authentication Unspecified Remote DoS
50504Sun Java JDK / JRE RSA Public Key Processing Resource Consumption DoS
50503Sun Java JDK / JRE Untrusted Applet User Home Directory Content Listing
50502Sun Java JDK / JRE UTF-8 Decoder Non-shortest Form Sequence Handling Weakness
50501Sun Java JDK / JRE Unpack200 JAR Utility Privilege Escalation
50500Sun Java JDK / JRE Deserializing Calendar Object Privilege Escalation
50499Sun Java JDK / JRE Command Line Application Overflow

ExploitDB Exploits

idDescription
16302Signed Applet Social Engineering Code Exec
16293Sun Java Calendar Deserialization Exploit
9948Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati...
8753Mac OS X Java applet Remote Deserialization Remote PoC (updated)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-06-06Name : RedHat Update for xerces-j2 RHSA-2011:0858-01
File : nvt/gb_RHSA-2011_0858-01_xerces-j2.nasl
2011-08-09Name : CentOS Update for xerces-j2 CESA-2009:1615 centos5 i386
File : nvt/gb_CESA-2009_1615_xerces-j2_centos5_i386.nasl
2011-08-09Name : CentOS Update for java CESA-2009:1201 centos5 i386
File : nvt/gb_CESA-2009_1201_java_centos5_i386.nasl
2011-06-20Name : Mandriva Update for xerces-j2 MDVSA-2011:108 (xerces-j2)
File : nvt/gb_mandriva_MDVSA_2011_108.nasl
2010-10-10Name : FreeBSD Ports: apr
File : nvt/freebsd_apr0.nasl
Hide | Show 20 More...
idDescription
2010-05-28Name : Java for Mac OS X 10.5 Update 2
File : nvt/macosx_java_for_10_5_upd_2.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 3
File : nvt/macosx_java_for_10_5_upd_3.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 4
File : nvt/macosx_java_for_10_5_upd_4.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 5
File : nvt/macosx_java_for_10_5_upd_5.nasl
2010-04-16Name : Ubuntu Update for cmake vulnerabilities USN-890-6
File : nvt/gb_ubuntu_USN_890_6.nasl
2010-02-19Name : Ubuntu Update for xmlrpc-c vulnerabilities USN-890-5
File : nvt/gb_ubuntu_USN_890_5.nasl
2010-01-29Name : Ubuntu Update for python-xml vulnerabilities USN-890-4
File : nvt/gb_ubuntu_USN_890_4.nasl
2010-01-25Name : Ubuntu Update for python2.4 vulnerabilities USN-890-3
File : nvt/gb_ubuntu_USN_890_3.nasl
2010-01-22Name : Ubuntu Update for expat vulnerabilities USN-890-1
File : nvt/gb_ubuntu_USN_890_1.nasl
2010-01-22Name : Ubuntu Update for python2.5 vulnerabilities USN-890-2
File : nvt/gb_ubuntu_USN_890_2.nasl
2010-01-15Name : Mandriva Update for davfs MDVSA-2009:220-1 (davfs)
File : nvt/gb_mandriva_MDVSA_2009_220_1.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-1 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_1.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-2 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_2.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-3 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_3.nasl
2009-12-30Name : CentOS Security Advisory CESA-2009:1615 (xerces-j2)
File : nvt/ovcesa2009_1615.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:211-1 (expat)
File : nvt/mdksa_2009_211_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:212-1 (python)
File : nvt/mdksa_2009_212_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:213-1 (wxgtk)
File : nvt/mdksa_2009_213_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:215-1 (audacity)
File : nvt/mdksa_2009_215_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:217-3 (mozilla-thunderbird)
File : nvt/mdksa_2009_217_3.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2012-A-0136Multiple Vulnerabilities in Juniper Network Management Products
Severity : Category I - VMSKEY : V0033662
2009-A-0105Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0021867

Snort® IPS/IDS

DateDescription
2014-01-10Phoenix exploit kit post-compromise behavior
RuleID : 21860 - Type : MALWARE-CNC - Revision : 4
2014-01-10Phoenix exploit kit landing page
RuleID : 21640 - Type : EXPLOIT-KIT - Revision : 5
2014-01-10Oracle Java calendar deserialize vulnerability
RuleID : 20238 - Type : SERVER-OTHER - Revision : 4
2014-01-10Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow
RuleID : 17563 - Type : FILE-JAVA - Revision : 12
2014-01-10Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt
RuleID : 17562 - Type : FILE-JAVA - Revision : 13
Hide | Show 1 More...
DateDescription
2014-01-10Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt
RuleID : 17395 - Type : FILE-IMAGE - Revision : 14

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2016-11-30Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_18449f92ab3911e68011005056925db4.nasl - Type : ACT_GATHER_INFO
2016-03-08Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0002_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0014_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15905.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2014-11-08Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2012-1537.nasl - Type : ACT_GATHER_INFO
2013-09-13Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_psn_2012_08_689.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1615.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0858.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1201.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_j2se_4_2_18_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host contains a runtime environment that is affected by multi...
File : sun_java_jre_244986_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host contains a runtime environment that is affected by multi...
File : sun_java_jre_263408_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_jre_5_16_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_jre_6_7_unix.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0594.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1636.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1637.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1649.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1650.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090117_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110608_xerces_j2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090806_java_1_6_0_openjdk_on_SL5_3.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090824_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080714_java__jdk_1_5_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO