The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Sun J2SE

Java JRE/JDK: several vulnerabilities
Several vulnerabilities of Java JRE/JDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code...
BID-55501, BID-55538, BID-56025, BID-56033, BID-56039, BID-56043, BID-56046, BID-56051, BID-56054, BID-56055, BID-56056, BID-56057, BID-56058, BID-56059, BID-56061, BID-56063, BID-56065, BID-56067, BID-56070, BID-56071, BID-56072, BID-56075, BID-56076, BID-56079, BID-56080, BID-56081, BID-56082, BID-56083, c03595351, CERTA-2012-AVI-576, CERTA-2012-AVI-746, CERTA-2013-AVI-094, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4416, CVE-2012-4420, CVE-2012-5067, CVE-2012-5068, CVE-2012-5069, CVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074, CVE-2012-5075, CVE-2012-5076, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5089, CVE-2012-5979-ERROR, DSECRG-12-039, ESX350-201302401-SG, FEDORA-2012-16346, FEDORA-2012-16351, IC89804, javacpuoct2012, MDVSA-2012:169, openSUSE-SU-2012:1419-1, openSUSE-SU-2012:1423-1, openSUSE-SU-2012:1424-1, RHSA-2012:1384-01, RHSA-2012:1385-01, RHSA-2012:1386-01, RHSA-2012:1391-01, RHSA-2012:1392-01, RHSA-2012:1465-01, RHSA-2012:1466-01, RHSA-2012:1467-01, RHSA-2012:1485-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SUSE-SU-2012:1398-1, SUSE-SU-2012:1489-1, SUSE-SU-2012:1489-2, SUSE-SU-2012:1490-1, SUSE-SU-2012:1588-1, SUSE-SU-2012:1595-1, swg21621958, swg21621959, VIGILANCE-VUL-12072, VMSA-2013-0001.2, VMSA-2013-0003
Java JRE: memory reading via Arrays.fill
When a Java application uses an integer array, and the Arrays.fill() method, the array memory area is not initialized to zero by the JRE, so an attacker can obtain a fragment memory...
7196857, BID-55501, BID-55538, c03595351, CERTA-2012-AVI-746, CVE-2012-4416, CVE-2012-4420, FEDORA-2012-16346, FEDORA-2012-16351, MDVSA-2012:169, openSUSE-SU-2012:1419-1, openSUSE-SU-2012:1423-1, openSUSE-SU-2012:1424-1, RHSA-2012:1384-01, RHSA-2012:1385-01, RHSA-2012:1386-01, RHSA-2012:1391-01, RHSA-2012:1392-01, VIGILANCE-VUL-11929
Java JRE/JDK: aggravate vulnerability via AWT
An attacker can use a vulnerability of Java AWT, in order to aggravate the severity of another vulnerability...
BID-55339, c03533078, c03538957, CERTA-2012-AVI-595, CVE-2012-0547, FEDORA-2012-13127, HPSBUX02824, HPSBUX02825, MDVSA-2012:150, MDVSA-2012:150-1, openSUSE-SU-2012:1154-1, openSUSE-SU-2012:1175-1, RHSA-2012:1221-01, RHSA-2012:1222-01, RHSA-2012:1223-01, RHSA-2012:1225-01, RHSA-2012:1392-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100970, SSRT100974, SUSE-SU-2012:1148-1, SUSE-SU-2012:1231-1, VIGILANCE-VUL-11910
Java JRE/JDK 7: several vulnerabilities
Several vulnerabilities of Java JRE/JDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code...
BID-55213, BID-55336, BID-55337, c03533078, CERTA-2012-ALE-005, CERTA-2012-AVI-473, CERTA-2012-AVI-595, CVE-2012-1682, CVE-2012-3136, CVE-2012-4681, FEDORA-2012-13127, HPSBUX02824, MDVSA-2012:150, MDVSA-2012:150-1, openSUSE-SU-2012:1154-1, openSUSE-SU-2012:1175-1, RHSA-2012:1221-01, RHSA-2012:1222-01, RHSA-2012:1223-01, RHSA-2012:1225-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100970, SUSE-SU-2012:1148-1, SUSE-SU-2012:1231-1, VIGILANCE-VUL-11909, VU#636312, ZDI-12-197
Java JRE 7: code execution via ClassFinder and getField
An attacker can create an HTML page containing a malicious Java applet, in order to execute code on victim's computer...
BID-55213, c03533078, CERTA-2012-ALE-005, CERTA-2012-AVI-473, CERTA-2012-AVI-595, CVE-2012-3539-REJECT, CVE-2012-4681, FEDORA-2012-13131, FEDORA-2012-13138, HPSBUX02824, RHSA-2012:1221-01, RHSA-2012:1222-01, RHSA-2012:1223-01, RHSA-2012:1225-01, SE-2012-01, SSRT100970, SUSE-SU-2012:1231-1, VIGILANCE-VUL-11897, VU#636312
Java Language: denial of service via hash collision
An attacker can send data generating storage collisions, in order to overload a service...
CVE-2012-2739, VIGILANCE-VUL-11715
Java JRE/JDK: several vulnerabilities
Several vulnerabilities of Java JRE/JDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code...
BID-53946, BID-53947, BID-53948, BID-53949, BID-53950, BID-53951, BID-53952, BID-53953, BID-53954, BID-53956, BID-53958, BID-53959, BID-53960, c03441075, CERTA-2012-AVI-331, CERTA-2012-AVI-452, CERTA-2012-AVI-607, CERTA-2012-AVI-666, CVE-2012-0551, CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1720, CVE-2012-1721, CVE-2012-1722, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725, CVE-2012-1726, DSA-2507-1, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, FEDORA-2012-9541, FEDORA-2012-9545, FEDORA-2012-9590, FEDORA-2012-9593, HPSBUX02805, IC87301, javacpujun2012, MDVSA-2012:095, openSUSE-SU-2012:0828-1, PM65379, RHSA-2012:0729-01, RHSA-2012:0730-01, RHSA-2012:0734-01, RHSA-2012:1009-01, RHSA-2012:1019-01, RHSA-2012:1238-01, RHSA-2012:1243-01, RHSA-2012:1245-01, RHSA-2012:1289-01, RHSA-2012:1332-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100919, SUSE-SU-2012:0762-1, SUSE-SU-2012:1177-1, SUSE-SU-2012:1177-2, SUSE-SU-2012:1204-1, SUSE-SU-2012:1231-1, SUSE-SU-2012:1264-1, SUSE-SU-2012:1265-1, SUSE-SU-2012:1475-1, swg21615246, swg21617572, swg21632667, swg21632668, swg21633991, swg21633992, VIGILANCE-VUL-11703, VMSA-2012-0003.1, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0013.1, ZDI-12-142, ZDI-12-189
Java Lightweight HTTP Server: denial of service via hash collision
An attacker can send data generating storage collisions, in order to overload a service...
BID-51236, c03254184, c03350339, CVE-2011-4838-ERROR, CVE-2011-5035, DSA-2420-1, HPSBUX02757, HPSBUX02784, MDVSA-2012:021, openSUSE-SU-2012:0309-1, RHSA-2012:0139-01, RHSA-2012:0514-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100779, SSRT100871, SUSE-SU-2012:0308-1, VIGILANCE-VUL-11381
Java JRE/JDK: several vulnerabilities
Several vulnerabilities of Java JRE/JDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code...
BID-52009, BID-52010, BID-52011, BID-52012, BID-52013, BID-52014, BID-52015, BID-52016, BID-52017, BID-52018, BID-52019, BID-52020, BID-52161, c03254184, c03266681, c03316985, c03350339, c03358587, c03405642, CERTA-2012-AVI-085, CERTA-2012-AVI-286, CERTA-2012-AVI-395, CERTA-2012-AVI-479, CVE-2011-3563, CVE-2011-3571, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0504, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507, CVE-2012-0508, DSA-2420-1, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, FEDORA-2012-1690, FEDORA-2012-1711, FEDORA-2012-1721, HPSBMU02797, HPSBMU02799, HPSBUX02757, HPSBUX02760, HPSBUX02777, HPSBUX02784, javacpufeb2012, MDVSA-2012:021, openSUSE-SU-2012:0309-1, PRE-SA-2012-01, RHSA-2012:0135-01, RHSA-2012:0139-01, RHSA-2012:0322-01, RHSA-2012:0508-01, RHSA-2012:0514-01, RHSA-2012:0702-01, RHSA-2012:1080-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100779, SSRT100805, SSRT100854, SSRT100867, SSRT100871, SUSE-SU-2012:0308-1, SUSE-SU-2012:0602-1, SUSE-SU-2012:0603-1, SUSE-SU-2012:0734-1, SUSE-SU-2012:0881-1, SUSE-SU-2012:1013-1, swg21632667, swg21632668, swg21633991, swg21633992, TPTI-12-01, TSL20120214-01, VIGILANCE-VUL-11368, VMSA-2012-0005.2, VMSA-2012-0005.4, VMSA-2012-0013, VMSA-2012-0013.2, VMSA-2012-0018.1, VMSA-2013-0003, ZDI-12-032, ZDI-12-037, ZDI-12-038, ZDI-12-039, ZDI-12-045, ZDI-12-060, ZDI-12-081, ZDI-12-082, ZDI-12-083
Java: bypassing the update check
When the Java JRE is automatically updated, an attacker can replace the binary to be downloaded by a program calling a Trojan, which is not detected, nor rejected...
BID-50986, VIGILANCE-VUL-11212
Our database contains other pages. You can request a free trial to read them.

Display information about Sun J2SE: