Summary
Detail | |||
---|---|---|---|
Vendor | Sun | First view | 2006-02-08 |
Product | Sdk | Last view | 2011-02-17 |
Version | 1.3.1_18 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:sun:sdk |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5 | 2011-02-17 | CVE-2010-4476 | The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308. |
4.3 | 2011-02-17 | CVE-2010-4475 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than CVE-2010-4447. |
10 | 2011-02-17 | CVE-2010-4473 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4462. |
10 | 2011-02-17 | CVE-2010-4469 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and "backward jsrs." |
5 | 2011-02-17 | CVE-2010-4466 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.2_29 and earlier for Windows allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment. |
10 | 2011-02-17 | CVE-2010-4465 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or "clipboard access in Applets." |
10 | 2011-02-17 | CVE-2010-4462 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4473. |
10 | 2011-02-17 | CVE-2010-4454 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4462 and CVE-2010-4473. |
3.7 | 2011-02-17 | CVE-2010-4450 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable. |
2.6 | 2011-02-17 | CVE-2010-4448 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves "DNS cache poisoning by untrusted applets." |
4.3 | 2011-02-17 | CVE-2010-4447 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than CVE-2010-4475. |
10 | 2010-10-19 | CVE-2010-3574 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests. |
10 | 2010-10-19 | CVE-2010-3572 | Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
10 | 2010-10-19 | CVE-2010-3571 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile. |
10 | 2010-10-19 | CVE-2010-3569 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times. |
10 | 2010-10-19 | CVE-2010-3568 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization. |
10 | 2010-10-19 | CVE-2010-3565 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API. |
10 | 2010-10-19 | CVE-2010-3562 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. |
10 | 2010-10-19 | CVE-2010-3559 | Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows attackers to execute arbitrary code via a crafted BANK record that leads to a buffer overflow. |
6.8 | 2010-10-19 | CVE-2010-3557 | Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static." |
10 | 2010-10-19 | CVE-2010-3556 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
10 | 2010-10-19 | CVE-2010-3554 | Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects." |
10 | 2010-10-19 | CVE-2010-3553 | Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class. |
5 | 2010-10-19 | CVE-2010-3551 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. |
6.8 | 2010-10-19 | CVE-2010-3549 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
26% (8) | CWE-264 | Permissions, Privileges, and Access Controls |
20% (6) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
16% (5) | CWE-200 | Information Exposure |
10% (3) | CWE-399 | Resource Management Errors |
6% (2) | CWE-189 | Numeric Errors |
3% (1) | CWE-310 | Cryptographic Issues |
3% (1) | CWE-287 | Improper Authentication |
3% (1) | CWE-254 | Security Features |
3% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
3% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
3% (1) | CWE-16 | Configuration |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-68 | Subvert Code-signing Facilities |
SAINT Exploits
Description | Link |
---|---|
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow | More info here |
Java Runtime Environment MixerSequence Function Pointer Control | More info here |
Java Runtime Environment JAR manifest Main Class buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
71621 | Oracle Java SE / Java for Business Networking Unspecified Remote DoS |
71620 | Oracle Java SE / Java for Business Launcher Unspecified Local Issue |
71618 | Oracle Java SE / Java for Business Deployment Unspecified Remote Information ... |
71617 | Oracle Java SE / Java for Business Deployment Unspecified Remote Information ... |
71614 | Oracle Java SE / Java for Business Deployment Java Runtime WWW-Authenticate R... |
71611 | Oracle Java SE / Java for Business Sound Unspecified Remote Compromise (2010-... |
71610 | Oracle Java SE / Java for Business Hotspot Unspecified Remote Compromise |
71608 | Oracle Java SE / Java for Business Swing Clipboard Handle Arbitrary Command I... |
71606 | Oracle Java SE / Java for Business Sound Component XGetSamplePtrFromSnd PV_Sw... |
71605 | Oracle Java SE / Java for Business Sound Unspecified Remote Compromise (2010-... |
70965 | Oracle Java SE / Java for Business Double.parseDouble Method Floating Point ... |
69059 | Oracle Java SE / Java for Business Networking Component HttpURLConnection App... |
69058 | Oracle Java SE / Java for Business JNDI Internal Network Names Information Di... |
69057 | Oracle Java SE / Java for Business Networking Component HttpURLConnection chu... |
69055 | Oracle Java SE / Java for Business Networking Component Network Address Infor... |
69053 | Oracle Java SE / Java for Business Swing Component Unspecified Issue (2010-3553) |
69052 | Oracle Java SE / Java for Business CORBA Component Remote Code Execution |
69050 | Oracle Java SE / Java for Business 2D Component Unspecified Issue (2010-3556) |
69049 | Oracle Java SE / Java for Business Swing Component Unspecified Issue (2010-3557) |
69047 | Oracle Java SE / Java for Business HeadspaceSoundbank.nGetName BANK Record Si... |
69044 | Oracle Java SE / Java for Business 2D Component IndexColorModel Double-free E... |
69042 | Oracle Java SE / Java for Business JRE JPEGImageWriter.writeImage Overflow |
69039 | Oracle Java SE / Java for Business JRE Component Unspecified Issue (2010-3568) |
69038 | Oracle Java SE / Java for Business JRE Component Unspecified Issue (2010-3569) |
69036 | Oracle Java SE / Java for Business ICC Profile Unicode Description Tag Struc... |
ExploitDB Exploits
id | Description |
---|---|
18485 | Java MixerSequencer Object GM_Song Structure Handling Vulnerability |
16302 | Signed Applet Social Engineering Code Exec |
16297 | Java Statement.invoke() Trusted Method Chain Exploit |
16293 | Sun Java Calendar Deserialization Exploit |
9948 | Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati... |
8753 | Mac OS X Java applet Remote Deserialization Remote PoC (updated) |
OpenVAS Exploits
id | Description |
---|---|
2012-07-30 | Name : CentOS Update for java CESA-2011:0214 centos5 x86_64 File : nvt/gb_CESA-2011_0214_java_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for java CESA-2011:0281 centos5 x86_64 File : nvt/gb_CESA-2011_0281_java_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for tomcat5 CESA-2011:0336 centos5 x86_64 File : nvt/gb_CESA-2011_0336_tomcat5_centos5_x86_64.nasl |
2012-06-06 | Name : RedHat Update for tomcat6 RHSA-2011:0335-01 File : nvt/gb_RHSA-2011_0335-01_tomcat6.nasl |
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
2012-03-15 | Name : VMSA-2011-0013.2 VMware third party component updates for VMware vCenter Serv... File : nvt/gb_VMSA-2011-0013.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201111-02 (sun-jre-bin sun-jdk emul-linux-x86-j... File : nvt/glsa_201111_02.nasl |
2011-10-21 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-14638 File : nvt/gb_fedora_2011_14638_java-1.6.0-openjdk_fc14.nasl |
2011-08-29 | Name : Java for Mac OS X 10.5 Update 9 File : nvt/secpod_macosx_java_10_5_upd_9.nasl |
2011-08-29 | Name : Java for Mac OS X 10.6 Update 4 File : nvt/secpod_macosx_java_10_6_upd_4.nasl |
2011-08-12 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-9523 File : nvt/gb_fedora_2011_9523_java-1.6.0-openjdk_fc14.nasl |
2011-08-09 | Name : CentOS Update for java CESA-2009:0377 centos5 i386 File : nvt/gb_CESA-2009_0377_java_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for java CESA-2009:1584 centos5 i386 File : nvt/gb_CESA-2009_1584_java_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for java CESA-2010:0339 centos5 i386 File : nvt/gb_CESA-2010_0339_java_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for java CESA-2010:0768 centos5 i386 File : nvt/gb_CESA-2010_0768_java_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for java CESA-2011:0214 centos5 i386 File : nvt/gb_CESA-2011_0214_java_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for java CESA-2011:0281 centos5 i386 File : nvt/gb_CESA-2011_0281_java_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for tomcat5 CESA-2011:0336 centos5 i386 File : nvt/gb_CESA-2011_0336_tomcat5_centos5_i386.nasl |
2011-06-20 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-8003 File : nvt/gb_fedora_2011_8003_java-1.6.0-openjdk_fc14.nasl |
2011-06-20 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-8020 File : nvt/gb_fedora_2011_8020_java-1.6.0-openjdk_fc13.nasl |
2011-06-06 | Name : HP-UX Update for Java HPSBUX02685 File : nvt/gb_hp_ux_HPSBUX02685.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2224-1 (openjdk-6) File : nvt/deb_2224_1.nasl |
2011-05-05 | Name : HP-UX Update for Apache Web Server HPSBUX02645 File : nvt/gb_hp_ux_HPSBUX02645.nasl |
2011-04-01 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2011:054 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2011_054.nasl |
2011-03-15 | Name : RedHat Update for tomcat5 RHSA-2011:0336-01 File : nvt/gb_RHSA-2011_0336-01_tomcat5.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2012-A-0136 | Multiple Vulnerabilities in Juniper Network Management Products Severity: Category I - VMSKEY: V0033662 |
2012-B-0048 | Multiple Vulnerabilities in HP Systems Insight Manager Severity: Category I - VMSKEY: V0032178 |
2011-A-0173 | Multiple Vulnerabilities in VMware ESX 4.0 Severity: Category I - VMSKEY: V0030824 |
2011-A-0160 | Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana... Severity: Category I - VMSKEY: V0030769 |
2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
2009-A-0105 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0021867 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Sakura exploit kit pdf download detection RuleID : 26539 - Type : EXPLOIT-KIT - Revision : 2 |
2014-01-10 | Sakura exploit kit landing page received RuleID : 26538 - Type : EXPLOIT-KIT - Revision : 2 |
2014-01-10 | Sakura exploit kit jar download detection RuleID : 26537 - Type : EXPLOIT-KIT - Revision : 2 |
2014-01-10 | Oracle Java XGetSamplePtrFromSnd memory corruption attempt RuleID : 24511 - Type : FILE-JAVA - Revision : 8 |
2014-01-10 | Oracle Java XGetSamplePtrFromSnd memory corruption attempt RuleID : 24510 - Type : FILE-JAVA - Revision : 6 |
2014-01-10 | rmf file download request RuleID : 24509 - Type : FILE-IDENTIFY - Revision : 5 |
2014-01-10 | Oracle Java MixerSequencer RMF MIDI structure handling exploit attempt RuleID : 23490 - Type : FILE-MULTIMEDIA - Revision : 8 |
2014-01-10 | Phoenix exploit kit post-compromise behavior RuleID : 21860 - Type : MALWARE-CNC - Revision : 5 |
2014-01-10 | Phoenix exploit kit landing page RuleID : 21640 - Type : EXPLOIT-KIT - Revision : 6 |
2014-01-10 | Eleanore exploit kit post-exploit page request RuleID : 21071 - Type : EXPLOIT-KIT - Revision : 5 |
2014-01-10 | Eleanore exploit kit pdf exploit page request RuleID : 21070 - Type : EXPLOIT-KIT - Revision : 4 |
2014-01-10 | Eleanore exploit kit exploit fetch request RuleID : 21069 - Type : EXPLOIT-KIT - Revision : 4 |
2014-01-10 | Eleanore exploit kit landing page RuleID : 21068 - Type : EXPLOIT-KIT - Revision : 4 |
2014-01-10 | Oracle Java trusted method chaining attempt RuleID : 20529 - Type : FILE-JAVA - Revision : 9 |
2014-01-10 | Oracle Java GIF LZW minimum code size overflow attempt RuleID : 20239 - Type : FILE-JAVA - Revision : 6 |
2014-01-10 | Oracle Java calendar deserialize vulnerability RuleID : 20238 - Type : SERVER-OTHER - Revision : 5 |
2014-01-10 | Oracle Java runtime JPEGImageReader overflow attempt RuleID : 20055 - Type : FILE-JAVA - Revision : 11 |
2014-01-10 | Oracle Java Soundbank resource name overflow attempt RuleID : 19100 - Type : FILE-JAVA - Revision : 12 |
2014-01-10 | Java floating point number denial of service - via POST RuleID : 18471 - Type : SERVER-WEBAPP - Revision : 8 |
2014-01-10 | Java floating point number denial of service - via URI RuleID : 18470 - Type : SERVER-WEBAPP - Revision : 9 |
2014-01-10 | Oracle JDK image parsing library ICC buffer overflow attempt RuleID : 17727 - Type : FILE-OTHER - Revision : 14 |
2014-01-10 | Sun Microsystems Java gif handling memory corruption attempt RuleID : 17628 - Type : FILE-IMAGE - Revision : 8 |
2014-01-10 | Oracle Java AWT ConvolveOp memory corruption attempt RuleID : 17604 - Type : SERVER-OTHER - Revision : 14 |
2014-01-10 | Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow RuleID : 17563 - Type : FILE-JAVA - Revision : 12 |
2014-01-10 | Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt RuleID : 17395 - Type : FILE-IMAGE - Revision : 14 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0002_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0003_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0013_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0014_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0016_remote.nasl - Type: ACT_GATHER_INFO |
2014-06-30 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201406-32.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-openjdk-101103.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-openjdk-110228.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-sun-101019.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-sun-110217.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_4_java-1_6_0-sun-110314.nasl - Type: ACT_GATHER_INFO |
2013-09-13 | Name: The remote host is affected by multiple vulnerabilities. File: juniper_nsm_psn_2012_08_689.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-0377.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-1584.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2010-0339.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2010-0768.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0214.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0281.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0335.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0336.nasl - Type: ACT_GATHER_INFO |
2013-06-29 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2009-1584.nasl - Type: ACT_GATHER_INFO |
2013-03-09 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1079-2.nasl - Type: ACT_GATHER_INFO |
2013-03-09 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1079-3.nasl - Type: ACT_GATHER_INFO |
2013-02-22 | Name: The remote Unix host contains a programming platform that is affected by mult... File: oracle_java_cpu_feb_2011_unix.nasl - Type: ACT_GATHER_INFO |
2013-02-22 | Name: The remote Unix host contains a runtime environment that is affected by multi... File: oracle_java_cpu_mar_2010_unix.nasl - Type: ACT_GATHER_INFO |