Summary
| Detail | |||
|---|---|---|---|
| Vendor | Sun | First view | 2006-02-08 |
| Product | Sdk | Last view | 2011-02-17 |
| Version | 1.3.1_18 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:sun:sdk | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2011-02-17 | CVE-2010-4476 | The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308. |
| 4.3 | 2011-02-17 | CVE-2010-4475 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than CVE-2010-4447. |
| 10 | 2011-02-17 | CVE-2010-4473 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4462. |
| 10 | 2011-02-17 | CVE-2010-4469 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and "backward jsrs." |
| 5 | 2011-02-17 | CVE-2010-4466 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.2_29 and earlier for Windows allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment. |
| 10 | 2011-02-17 | CVE-2010-4465 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or "clipboard access in Applets." |
| 10 | 2011-02-17 | CVE-2010-4462 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4473. |
| 10 | 2011-02-17 | CVE-2010-4454 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4462 and CVE-2010-4473. |
| 3.7 | 2011-02-17 | CVE-2010-4450 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable. |
| 2.6 | 2011-02-17 | CVE-2010-4448 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves "DNS cache poisoning by untrusted applets." |
| 4.3 | 2011-02-17 | CVE-2010-4447 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than CVE-2010-4475. |
| 10 | 2010-10-19 | CVE-2010-3574 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests. |
| 10 | 2010-10-19 | CVE-2010-3572 | Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
| 10 | 2010-10-19 | CVE-2010-3571 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile. |
| 10 | 2010-10-19 | CVE-2010-3569 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times. |
| 10 | 2010-10-19 | CVE-2010-3568 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization. |
| 10 | 2010-10-19 | CVE-2010-3565 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API. |
| 10 | 2010-10-19 | CVE-2010-3562 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. |
| 10 | 2010-10-19 | CVE-2010-3559 | Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows attackers to execute arbitrary code via a crafted BANK record that leads to a buffer overflow. |
| 6.8 | 2010-10-19 | CVE-2010-3557 | Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static." |
| 10 | 2010-10-19 | CVE-2010-3556 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
| 10 | 2010-10-19 | CVE-2010-3554 | Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects." |
| 10 | 2010-10-19 | CVE-2010-3553 | Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class. |
| 5 | 2010-10-19 | CVE-2010-3551 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. |
| 6.8 | 2010-10-19 | CVE-2010-3549 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 26% (8) | CWE-264 | Permissions, Privileges, and Access Controls |
| 20% (6) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 16% (5) | CWE-200 | Information Exposure |
| 10% (3) | CWE-399 | Resource Management Errors |
| 6% (2) | CWE-189 | Numeric Errors |
| 3% (1) | CWE-310 | Cryptographic Issues |
| 3% (1) | CWE-287 | Improper Authentication |
| 3% (1) | CWE-254 | Security Features |
| 3% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 3% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 3% (1) | CWE-16 | Configuration |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-68 | Subvert Code-signing Facilities |
SAINT Exploits
| Description | Link |
|---|---|
| Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow | More info here |
| Java Runtime Environment MixerSequence Function Pointer Control | More info here |
| Java Runtime Environment JAR manifest Main Class buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 71621 | Oracle Java SE / Java for Business Networking Unspecified Remote DoS |
| 71620 | Oracle Java SE / Java for Business Launcher Unspecified Local Issue |
| 71618 | Oracle Java SE / Java for Business Deployment Unspecified Remote Information ... |
| 71617 | Oracle Java SE / Java for Business Deployment Unspecified Remote Information ... |
| 71614 | Oracle Java SE / Java for Business Deployment Java Runtime WWW-Authenticate R... |
| 71611 | Oracle Java SE / Java for Business Sound Unspecified Remote Compromise (2010-... |
| 71610 | Oracle Java SE / Java for Business Hotspot Unspecified Remote Compromise |
| 71608 | Oracle Java SE / Java for Business Swing Clipboard Handle Arbitrary Command I... |
| 71606 | Oracle Java SE / Java for Business Sound Component XGetSamplePtrFromSnd PV_Sw... |
| 71605 | Oracle Java SE / Java for Business Sound Unspecified Remote Compromise (2010-... |
| 70965 | Oracle Java SE / Java for Business Double.parseDouble Method Floating Point ... |
| 69059 | Oracle Java SE / Java for Business Networking Component HttpURLConnection App... |
| 69058 | Oracle Java SE / Java for Business JNDI Internal Network Names Information Di... |
| 69057 | Oracle Java SE / Java for Business Networking Component HttpURLConnection chu... |
| 69055 | Oracle Java SE / Java for Business Networking Component Network Address Infor... |
| 69053 | Oracle Java SE / Java for Business Swing Component Unspecified Issue (2010-3553) |
| 69052 | Oracle Java SE / Java for Business CORBA Component Remote Code Execution |
| 69050 | Oracle Java SE / Java for Business 2D Component Unspecified Issue (2010-3556) |
| 69049 | Oracle Java SE / Java for Business Swing Component Unspecified Issue (2010-3557) |
| 69047 | Oracle Java SE / Java for Business HeadspaceSoundbank.nGetName BANK Record Si... |
| 69044 | Oracle Java SE / Java for Business 2D Component IndexColorModel Double-free E... |
| 69042 | Oracle Java SE / Java for Business JRE JPEGImageWriter.writeImage Overflow |
| 69039 | Oracle Java SE / Java for Business JRE Component Unspecified Issue (2010-3568) |
| 69038 | Oracle Java SE / Java for Business JRE Component Unspecified Issue (2010-3569) |
| 69036 | Oracle Java SE / Java for Business ICC Profile Unicode Description Tag Struc... |
ExploitDB Exploits
| id | Description |
|---|---|
| 18485 | Java MixerSequencer Object GM_Song Structure Handling Vulnerability |
| 16302 | Signed Applet Social Engineering Code Exec |
| 16297 | Java Statement.invoke() Trusted Method Chain Exploit |
| 16293 | Sun Java Calendar Deserialization Exploit |
| 9948 | Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati... |
| 8753 | Mac OS X Java applet Remote Deserialization Remote PoC (updated) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-07-30 | Name : CentOS Update for java CESA-2011:0214 centos5 x86_64 File : nvt/gb_CESA-2011_0214_java_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for java CESA-2011:0281 centos5 x86_64 File : nvt/gb_CESA-2011_0281_java_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for tomcat5 CESA-2011:0336 centos5 x86_64 File : nvt/gb_CESA-2011_0336_tomcat5_centos5_x86_64.nasl |
| 2012-06-06 | Name : RedHat Update for tomcat6 RHSA-2011:0335-01 File : nvt/gb_RHSA-2011_0335-01_tomcat6.nasl |
| 2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
| 2012-03-15 | Name : VMSA-2011-0013.2 VMware third party component updates for VMware vCenter Serv... File : nvt/gb_VMSA-2011-0013.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201111-02 (sun-jre-bin sun-jdk emul-linux-x86-j... File : nvt/glsa_201111_02.nasl |
| 2011-10-21 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-14638 File : nvt/gb_fedora_2011_14638_java-1.6.0-openjdk_fc14.nasl |
| 2011-08-29 | Name : Java for Mac OS X 10.5 Update 9 File : nvt/secpod_macosx_java_10_5_upd_9.nasl |
| 2011-08-29 | Name : Java for Mac OS X 10.6 Update 4 File : nvt/secpod_macosx_java_10_6_upd_4.nasl |
| 2011-08-12 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-9523 File : nvt/gb_fedora_2011_9523_java-1.6.0-openjdk_fc14.nasl |
| 2011-08-09 | Name : CentOS Update for java CESA-2009:0377 centos5 i386 File : nvt/gb_CESA-2009_0377_java_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for java CESA-2009:1584 centos5 i386 File : nvt/gb_CESA-2009_1584_java_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for java CESA-2010:0339 centos5 i386 File : nvt/gb_CESA-2010_0339_java_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for java CESA-2010:0768 centos5 i386 File : nvt/gb_CESA-2010_0768_java_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for java CESA-2011:0214 centos5 i386 File : nvt/gb_CESA-2011_0214_java_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for java CESA-2011:0281 centos5 i386 File : nvt/gb_CESA-2011_0281_java_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for tomcat5 CESA-2011:0336 centos5 i386 File : nvt/gb_CESA-2011_0336_tomcat5_centos5_i386.nasl |
| 2011-06-20 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-8003 File : nvt/gb_fedora_2011_8003_java-1.6.0-openjdk_fc14.nasl |
| 2011-06-20 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-8020 File : nvt/gb_fedora_2011_8020_java-1.6.0-openjdk_fc13.nasl |
| 2011-06-06 | Name : HP-UX Update for Java HPSBUX02685 File : nvt/gb_hp_ux_HPSBUX02685.nasl |
| 2011-05-12 | Name : Debian Security Advisory DSA 2224-1 (openjdk-6) File : nvt/deb_2224_1.nasl |
| 2011-05-05 | Name : HP-UX Update for Apache Web Server HPSBUX02645 File : nvt/gb_hp_ux_HPSBUX02645.nasl |
| 2011-04-01 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2011:054 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2011_054.nasl |
| 2011-03-15 | Name : RedHat Update for tomcat5 RHSA-2011:0336-01 File : nvt/gb_RHSA-2011_0336-01_tomcat5.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2012-A-0136 | Multiple Vulnerabilities in Juniper Network Management Products Severity: Category I - VMSKEY: V0033662 |
| 2012-B-0048 | Multiple Vulnerabilities in HP Systems Insight Manager Severity: Category I - VMSKEY: V0032178 |
| 2011-A-0173 | Multiple Vulnerabilities in VMware ESX 4.0 Severity: Category I - VMSKEY: V0030824 |
| 2011-A-0160 | Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana... Severity: Category I - VMSKEY: V0030769 |
| 2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
| 2009-A-0105 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0021867 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Sakura exploit kit pdf download detection RuleID : 26539 - Type : EXPLOIT-KIT - Revision : 2 |
| 2014-01-10 | Sakura exploit kit landing page received RuleID : 26538 - Type : EXPLOIT-KIT - Revision : 2 |
| 2014-01-10 | Sakura exploit kit jar download detection RuleID : 26537 - Type : EXPLOIT-KIT - Revision : 2 |
| 2014-01-10 | Oracle Java XGetSamplePtrFromSnd memory corruption attempt RuleID : 24511 - Type : FILE-JAVA - Revision : 8 |
| 2014-01-10 | Oracle Java XGetSamplePtrFromSnd memory corruption attempt RuleID : 24510 - Type : FILE-JAVA - Revision : 6 |
| 2014-01-10 | rmf file download request RuleID : 24509 - Type : FILE-IDENTIFY - Revision : 5 |
| 2014-01-10 | Oracle Java MixerSequencer RMF MIDI structure handling exploit attempt RuleID : 23490 - Type : FILE-MULTIMEDIA - Revision : 8 |
| 2014-01-10 | Phoenix exploit kit post-compromise behavior RuleID : 21860 - Type : MALWARE-CNC - Revision : 5 |
| 2014-01-10 | Phoenix exploit kit landing page RuleID : 21640 - Type : EXPLOIT-KIT - Revision : 6 |
| 2014-01-10 | Eleanore exploit kit post-exploit page request RuleID : 21071 - Type : EXPLOIT-KIT - Revision : 5 |
| 2014-01-10 | Eleanore exploit kit pdf exploit page request RuleID : 21070 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Eleanore exploit kit exploit fetch request RuleID : 21069 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Eleanore exploit kit landing page RuleID : 21068 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Oracle Java trusted method chaining attempt RuleID : 20529 - Type : FILE-JAVA - Revision : 9 |
| 2014-01-10 | Oracle Java GIF LZW minimum code size overflow attempt RuleID : 20239 - Type : FILE-JAVA - Revision : 6 |
| 2014-01-10 | Oracle Java calendar deserialize vulnerability RuleID : 20238 - Type : SERVER-OTHER - Revision : 5 |
| 2014-01-10 | Oracle Java runtime JPEGImageReader overflow attempt RuleID : 20055 - Type : FILE-JAVA - Revision : 11 |
| 2014-01-10 | Oracle Java Soundbank resource name overflow attempt RuleID : 19100 - Type : FILE-JAVA - Revision : 12 |
| 2014-01-10 | Java floating point number denial of service - via POST RuleID : 18471 - Type : SERVER-WEBAPP - Revision : 8 |
| 2014-01-10 | Java floating point number denial of service - via URI RuleID : 18470 - Type : SERVER-WEBAPP - Revision : 9 |
| 2014-01-10 | Oracle JDK image parsing library ICC buffer overflow attempt RuleID : 17727 - Type : FILE-OTHER - Revision : 14 |
| 2014-01-10 | Sun Microsystems Java gif handling memory corruption attempt RuleID : 17628 - Type : FILE-IMAGE - Revision : 8 |
| 2014-01-10 | Oracle Java AWT ConvolveOp memory corruption attempt RuleID : 17604 - Type : SERVER-OTHER - Revision : 14 |
| 2014-01-10 | Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow RuleID : 17563 - Type : FILE-JAVA - Revision : 12 |
| 2014-01-10 | Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt RuleID : 17395 - Type : FILE-IMAGE - Revision : 14 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0002_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0003_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0013_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0014_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0016_remote.nasl - Type: ACT_GATHER_INFO |
| 2014-06-30 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201406-32.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-openjdk-101103.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-openjdk-110228.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-sun-101019.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_java-1_6_0-sun-110217.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_4_java-1_6_0-sun-110314.nasl - Type: ACT_GATHER_INFO |
| 2013-09-13 | Name: The remote host is affected by multiple vulnerabilities. File: juniper_nsm_psn_2012_08_689.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-0377.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-1584.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2010-0339.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2010-0768.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0214.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0281.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0335.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0336.nasl - Type: ACT_GATHER_INFO |
| 2013-06-29 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2009-1584.nasl - Type: ACT_GATHER_INFO |
| 2013-03-09 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1079-2.nasl - Type: ACT_GATHER_INFO |
| 2013-03-09 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1079-3.nasl - Type: ACT_GATHER_INFO |
| 2013-02-22 | Name: The remote Unix host contains a programming platform that is affected by mult... File: oracle_java_cpu_feb_2011_unix.nasl - Type: ACT_GATHER_INFO |
| 2013-02-22 | Name: The remote Unix host contains a runtime environment that is affected by multi... File: oracle_java_cpu_mar_2010_unix.nasl - Type: ACT_GATHER_INFO |
