we track for your security since 1999
home
presentation
vulnerabilities
documentation
contact
subscriber area
free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.
recent vulnerabilities
tracked products
RSS feed
vulnerable product
Vulnerabilities of Sun SDK
Sun SDK vulnerability: memory reading via Arrays.fill
When a Java application uses an integer array, and the Arrays.fill() method, the array memory area is not initialized to zero by the JRE, so an attacker can obtain a fragment memory.
Sun SDK vulnerability: obtaining HTTPS Cookies
An attacker, who can control HTTPS connections of victim's web browser and which has a sufficient bandwidth, can use several SSL sessions in order to compute HTTP headers, such as cookies.
Sun SDK vulnerability: memory corruption via XML
An attacker can create XML data containing a malicious byte which corrupts the memory, in order to create a denial of service or to execute code in Apache Xerces2 Java, Java JRE/JDK or OpenJDK.
Sun SDK vulnerability: file access via XML entities
An attacker can provide XML data using an external entity, in order to access to the content of a file or to create a denial of service.
Sun SDK vulnerability: buffer overflow via a BMP or JPG image
An attacker can create a malicious BMP or JPG image in order to execute code on computer of victims opening it with a JDK application.
Display other vulnerabilities of Sun SDK described by Vigil@nce...
Display information about Sun SDK:
http://www.oracle.com/technetwork/java/javase/index.html
Copyright 1999-2013
Vigil@nce
. Vigil@nce is a service from
Orange Business Services
.
Site map
.
Legal notice
.
