Summary
| Detail | |||
|---|---|---|---|
| Vendor | Sun | First view | 2006-02-08 |
| Product | Jdk | Last view | 2013-02-01 |
| Version | 1.4.2_1 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:sun:jdk | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 10 | 2013-02-01 | CVE-2013-1481 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. |
| 10 | 2013-02-01 | CVE-2013-1480 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. |
| 10 | 2013-02-01 | CVE-2013-1478 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption. |
| 10 | 2013-02-01 | CVE-2013-1476 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors." |
| 10 | 2013-02-01 | CVE-2013-1475 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java. |
| 4 | 2013-02-01 | CVE-2013-0443 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key. |
| 10 | 2013-02-01 | CVE-2013-0442 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. |
| 10 | 2013-02-01 | CVE-2013-0441 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka "missing serialization restriction." |
| 5 | 2013-02-01 | CVE-2013-0440 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java. |
| 5 | 2013-02-01 | CVE-2013-0434 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information. |
| 6.4 | 2013-02-01 | CVE-2013-0432 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks." |
| 10 | 2013-02-01 | CVE-2013-0428 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API. |
| 10 | 2013-02-01 | CVE-2013-0426 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. |
| 10 | 2013-02-01 | CVE-2013-0425 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. |
| 5 | 2013-02-01 | CVE-2013-0424 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number. |
| 7.6 | 2012-10-16 | CVE-2012-5089 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-3143. |
| 0 | 2012-10-16 | CVE-2012-5085 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. |
| 7.6 | 2012-10-16 | CVE-2012-5084 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. |
| 10 | 2012-10-16 | CVE-2012-5083 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
| 5 | 2012-10-16 | CVE-2012-5081 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. |
| 5 | 2012-10-16 | CVE-2012-5079 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5073. |
| 2.6 | 2012-10-16 | CVE-2012-5077 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security. |
| 5 | 2012-10-16 | CVE-2012-5073 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5079. |
| 2.6 | 2012-10-16 | CVE-2012-3216 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. |
| 10 | 2012-10-16 | CVE-2012-1531 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 46% (19) | CWE-264 | Permissions, Privileges, and Access Controls |
| 17% (7) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 14% (6) | CWE-200 | Information Exposure |
| 4% (2) | CWE-189 | Numeric Errors |
| 4% (2) | CWE-16 | Configuration |
| 2% (1) | CWE-399 | Resource Management Errors |
| 2% (1) | CWE-287 | Improper Authentication |
| 2% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 2% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 2% (1) | CWE-20 | Improper Input Validation |
SAINT Exploits
| Description | Link |
|---|---|
| Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow | More info here |
| Oracle Java Applet2ClassLoader Vulnerability | More info here |
| Java Runtime CMM readMabCurveData Buffer Overflow | More info here |
| Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow | More info here |
| Java Runtime Environment MixerSequence Function Pointer Control | More info here |
| Java Runtime Environment JAR manifest Main Class buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 76512 | Oracle Java SE JRE JAXWS Component Unspecified Remote Information Disclosure |
| 76511 | Oracle Java SE JRE Networking Component Unspecified Remote Information Disclo... |
| 76510 | Oracle Java SE JRE HotSpot Component Unspecified Remote Information Disclosure |
| 76507 | Oracle Java SE JRE JSSE Component Unspecified Remote Issue |
| 76506 | Oracle Java SE JRE RMI Component Unspecified Remote Issue (2011-3557) |
| 76505 | Oracle Java SE JRE RMI Component Unspecified Remote Issue (2011-3556) |
| 76504 | Oracle Java SE JRE Deployment Component Unspecified Remote Issue (2011-3516) |
| 76503 | Oracle Java SE JRE AWT Component Unspecified Remote Issue (2011-3550) |
| 76502 | Oracle Java SE JRE 2D Component Unspecified Remote Issue |
| 76501 | Oracle Java SE JRE Swing Component Unspecified Remote Issue |
| 76499 | Oracle Java SE JRE jsound.dll MixerSequencer.nAddControllerEventCallback Func... |
| 76498 | Oracle Java SE JRE Component Unspecified Remote Issue (2011-3554) |
| 76497 | Oracle Java SE JRE Networking Component java.net.Socket API UDP Socket Satura... |
| 76496 | Oracle Java SE JRE IIOP Deserialization Applet Handling Remote Code Execution |
| 76495 | Oracle Java SE JRE AWT Component Unspecified Remote Issue (2011-3548) |
| 73176 | Oracle Java SE / JRE AWT FileDialog.show() String Copy Overflow |
| 73085 | Oracle Java SE / JRE Deserialization Unspecified Remote Issue |
| 73084 | Oracle Java SE / JRE SAAJ Unspecified Remote Information Disclosure |
| 73083 | Oracle Java SE / JRE Networking Unspecified Remote Information Disclosure |
| 73082 | Oracle Java SE / JRE NIO Unspecified Remote DoS |
| 73081 | Oracle Java SE / JRE 2D Unspecified Remote Information Disclosure |
| 73080 | Oracle Java SE / JRE Java Web Start DLL Search Path Subversion Arbitrary DLL ... |
| 73079 | Oracle Java SE / JRE Java Web Start File Search Path Policy File Loading Remo... |
| 73078 | Oracle Java SE / JRE Java Web Start File Search Path Settings Files Loading R... |
| 73077 | Oracle Java SE / JRE Swing Unspecified Remote Code Execution |
ExploitDB Exploits
| id | Description |
|---|---|
| 18485 | Java MixerSequencer Object GM_Song Structure Handling Vulnerability |
| 16990 | Sun Java Applet2ClassLoader Remote Code Execution Exploit |
| 16495 | Sun Java Web Start BasicServiceImpl Remote Code Execution Exploit |
| 16305 | Java RMIConnectionImpl Deserialization Privilege Escalation Exploit |
| 16302 | Signed Applet Social Engineering Code Exec |
| 16293 | Sun Java Calendar Deserialization Exploit |
| 15056 | MOAUB #20 - Java CMM readMabCurveData Stack Overflow |
| 9948 | Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati... |
| 8753 | Mac OS X Java applet Remote Deserialization Remote PoC (updated) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0828-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_0828_1.nasl |
| 2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1423-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1423_1.nasl |
| 2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1424-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1424_1.nasl |
| 2012-11-02 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:169 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_169.nasl |
| 2012-10-29 | Name : Ubuntu Update for openjdk-7 USN-1619-1 File : nvt/gb_ubuntu_USN_1619_1.nasl |
| 2012-10-19 | Name : CentOS Update for java CESA-2012:1384 centos6 File : nvt/gb_CESA-2012_1384_java_centos6.nasl |
| 2012-10-19 | Name : CentOS Update for java CESA-2012:1385 centos5 File : nvt/gb_CESA-2012_1385_java_centos5.nasl |
| 2012-10-19 | Name : CentOS Update for java CESA-2012:1386 centos6 File : nvt/gb_CESA-2012_1386_java_centos6.nasl |
| 2012-10-19 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1384-01 File : nvt/gb_RHSA-2012_1384-01_java-1.6.0-openjdk.nasl |
| 2012-10-19 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1385-01 File : nvt/gb_RHSA-2012_1385-01_java-1.6.0-openjdk.nasl |
| 2012-10-19 | Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1386-01 File : nvt/gb_RHSA-2012_1386-01_java-1.7.0-openjdk.nasl |
| 2012-10-19 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.6.0-openjdk_fc16.nasl |
| 2012-10-19 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl |
| 2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct (Windows) File : nvt/gb_oracle_java_se_mult_vuln01_oct12_win.nasl |
| 2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln02_oct12_win.nasl |
| 2012-09-22 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-13127 File : nvt/gb_fedora_2012_13127_java-1.6.0-openjdk_fc16.nasl |
| 2012-09-06 | Name : Ubuntu Update for icedtea-web USN-1505-2 File : nvt/gb_ubuntu_USN_1505_2.nasl |
| 2012-09-04 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13138 File : nvt/gb_fedora_2012_13138_java-1.7.0-openjdk_fc16.nasl |
| 2012-08-30 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9590 File : nvt/gb_fedora_2012_9590_java-1.7.0-openjdk_fc17.nasl |
| 2012-08-22 | Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities(... File : nvt/gb_oracle_java_se_mult_unspecified_vuln01_aug12_win.nasl |
| 2012-08-22 | Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities ... File : nvt/gb_oracle_java_se_mult_unspecified_vuln_aug12_win.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2507-1 (openjdk-6) File : nvt/deb_2507_1.nasl |
| 2012-08-03 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:095 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_095.nasl |
| 2012-07-30 | Name : CentOS Update for java CESA-2011:0214 centos5 x86_64 File : nvt/gb_CESA-2011_0214_java_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for java CESA-2011:0281 centos5 x86_64 File : nvt/gb_CESA-2011_0281_java_centos5_x86_64.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
| 2012-A-0146 | Multiple Vulnerabilities in VMware vCenter Update Manager 4.1 Severity: Category I - VMSKEY: V0033792 |
| 2012-A-0136 | Multiple Vulnerabilities in Juniper Network Management Products Severity: Category I - VMSKEY: V0033662 |
| 2012-B-0048 | Multiple Vulnerabilities in HP Systems Insight Manager Severity: Category I - VMSKEY: V0032178 |
| 2012-A-0048 | Multiple Vulnerabilities in VMware vCenter Update Manager 5.0 Severity: Category I - VMSKEY: V0031901 |
| 2011-A-0173 | Multiple Vulnerabilities in VMware ESX 4.0 Severity: Category I - VMSKEY: V0030824 |
| 2011-A-0160 | Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana... Severity: Category I - VMSKEY: V0030769 |
| 2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
| 2009-A-0105 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0021867 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-04-05 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45830 - Type : SERVER-OTHER - Revision : 1 |
| 2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45201 - Type : SERVER-OTHER - Revision : 2 |
| 2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45200 - Type : SERVER-OTHER - Revision : 2 |
| 2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45199 - Type : SERVER-OTHER - Revision : 2 |
| 2017-08-01 | multiple products PNG processing buffer overflow attempt RuleID : 43399 - Type : FILE-IMAGE - Revision : 2 |
| 2014-03-13 | Java FileDialog heap buffer overflow attempt RuleID : 29643 - Type : MALWARE-OTHER - Revision : 3 |
| 2014-03-13 | Java FileDialog heap buffer overflow attempt RuleID : 29642 - Type : MALWARE-OTHER - Revision : 3 |
| 2014-03-13 | Java FileDialog heap buffer overflow attempt RuleID : 29641 - Type : MALWARE-OTHER - Revision : 2 |
| 2014-03-13 | Java FileDialog heap buffer overflow attempt RuleID : 29640 - Type : MALWARE-OTHER - Revision : 2 |
| 2014-01-10 | Sakura exploit kit pdf download detection RuleID : 26539 - Type : EXPLOIT-KIT - Revision : 2 |
| 2014-01-10 | Sakura exploit kit landing page received RuleID : 26538 - Type : EXPLOIT-KIT - Revision : 2 |
| 2014-01-10 | Sakura exploit kit jar download detection RuleID : 26537 - Type : EXPLOIT-KIT - Revision : 2 |
| 2014-01-10 | Oracle Java XGetSamplePtrFromSnd memory corruption attempt RuleID : 24511 - Type : FILE-JAVA - Revision : 8 |
| 2014-01-10 | Oracle Java XGetSamplePtrFromSnd memory corruption attempt RuleID : 24510 - Type : FILE-JAVA - Revision : 6 |
| 2014-01-10 | rmf file download request RuleID : 24509 - Type : FILE-IDENTIFY - Revision : 5 |
| 2014-01-10 | Oracle Java MixerSequencer RMF MIDI structure handling exploit attempt RuleID : 23490 - Type : FILE-MULTIMEDIA - Revision : 8 |
| 2014-01-10 | Phoenix exploit kit post-compromise behavior RuleID : 21860 - Type : MALWARE-CNC - Revision : 5 |
| 2014-01-10 | Phoenix exploit kit landing page RuleID : 21640 - Type : EXPLOIT-KIT - Revision : 6 |
| 2014-01-10 | Oracle Java runtime RMIConnectionImpl deserialization execution attempt RuleID : 21387 - Type : FILE-JAVA - Revision : 11 |
| 2014-01-10 | Eleanore exploit kit post-exploit page request RuleID : 21071 - Type : EXPLOIT-KIT - Revision : 5 |
| 2014-01-10 | Eleanore exploit kit pdf exploit page request RuleID : 21070 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Eleanore exploit kit exploit fetch request RuleID : 21069 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Eleanore exploit kit landing page RuleID : 21068 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Oracle Java browser plugin docbase overflow attempt RuleID : 20444 - Type : FILE-JAVA - Revision : 7 |
| 2014-01-10 | Oracle Java Web Start BasicServiceImpl security policy bypass attempt RuleID : 20430 - Type : FILE-JAVA - Revision : 7 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0002_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0003_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0013_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_esx_VMSA-2013-0003_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0014_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0016_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote VMware ESXi / ESX host is missing a security-related patch. File: vmware_VMSA-2012-0005_remote.nasl - Type: ACT_GATHER_INFO |
| 2015-05-20 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2012-1489-1.nasl - Type: ACT_GATHER_INFO |
| 2015-05-20 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2012-1489-2.nasl - Type: ACT_GATHER_INFO |
| 2015-05-20 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2012-1490-1.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2012-1332.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-1455.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-1456.nasl - Type: ACT_GATHER_INFO |
| 2014-08-22 | Name: The remote host is affected by multiple vulnerabilities. File: juniper_nsm_jsa10642.nasl - Type: ACT_GATHER_INFO |
| 2014-07-18 | Name: The remote Windows host contains a programming platform that is potentially a... File: oracle_jrockit_cpu_oct_2012.nasl - Type: ACT_GATHER_INFO |
| 2014-06-30 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201406-32.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-368.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-749.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-754.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-755.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-131.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-165.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_icedtea-web-110627.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-openjdk-101103.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-openjdk-110228.nasl - Type: ACT_GATHER_INFO |
