The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Sun JRE

Java JDK/JRE/SDK: several vulnerabilities
Several vulnerabilities were announced in Java JDK/JRE/SDK...
233321, 233322, 233323, 233324, 233325, 233326, 233327, 6587132, 6588002, 6593303, 6605184, 6605187, 6608712, 6609756, 6611594, 6623233, 6633265, 6633278, 6634129, 6660121, 6660717, BID-28083, BID-28125, CERTA-2008-AVI-118, CERTA-2008-AVI-476, CESA-2007-005, CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196, FEDORA-2008-2229, RHSA-2008:0186-01, RHSA-2008:0210-01, RHSA-2008:0243-01, RHSA-2008:0244-01, RHSA-2008:0245-01, RHSA-2008:0267-01, RHSA-2008:0555-01, SUSE-SA:2008:018, SUSE-SA:2008:025, VIGILANCE-VUL-7632, VMSA-2008-00010.3, VU#223028, ZDI-08-009, ZDI-08-010
Java JDK/JRE: two vulnerabilities
Two vulnerabilities permit an applet or an application to access to a file or to execute commands...
231261, 6529590, 6529591, BID-27650, CERTA-2008-AVI-044, CVE-2008-0657, PK64999, PK65161, PSN-2011-02-159, RHSA-2008:0123-01, RHSA-2008:0156-02, RHSA-2008:0210-01, SUSE-SA:2008:025, VIGILANCE-VUL-7549, VMSA-2008-00010.3
Java JRE: file access via XML entities
An attacker can provide XML data using an external entity, in order to access to the content of a file or to create a denial of service...
231246, 6568262, BID-27553, CERTA-2008-AVI-216, CESA-2007-002, CVE-2008-0628, RHSA-2008:0245-01, VIGILANCE-VUL-7539
Java JRE, JDK, SDK: privilege elevation via a font
A malicious Java applet can generate an error when a font is parsed in order to execute code...
102934, 103024, 6376296, 6483556, 6483560, BID-25340, CVE-2007-4381, NGS00419, PK64999, PK65161, RHSA-2007:0956-01, RHSA-2007:1086-01, RHSA-2008:0100-01, RHSA-2008:0132-01, SUSE-SA:2008:025, VIGILANCE-VUL-7102
JRE, JDK, SDK: connection to a local port
A Java applet can connect to a local port of victim's computer...
102934, 102958, 102995, 6483556, 6483560, 6490790, BID-25054, c01269450, CERTA-2007-AVI-349, CVE-2007-3922, HPSBMA02288, NGS00443, RHSA-2007:0818-01, RHSA-2007:0829-01, RHSA-2008:0133-01, SSA:2007-243-01, SSRT071465, SUSE-SA:2007:056, VIGILANCE-VUL-7020
JRE: privilege escalation of an applet
A remote attacker can create a malicious Java applet in order to run code on the machine of the target...
103112, 6571539, c01234533, CVE-2007-5689, HPSBUX02284, PK64999, PK65161, SSRT071483, VIGILANCE-VUL-7277, VMSA-2008-00010.3
Java JDK/SDK/JRE: multiple vulnerabilities
Several vulnerabilities of Java JDK/SDK/JRE environment permit an attacker to access to files or to create network connections...
103071, 103072, 103073, 103078, 103079, 6569621, 6589527, 6590813, 6590827, 6590837, 6590850, 6590857, 6594007, 6609269, BID-25918, BID-25920, c01234533, CERTA-2007-AVI-440, CVE-2007-5232, CVE-2007-5236, CVE-2007-5237, CVE-2007-5238, CVE-2007-5239, CVE-2007-5240, CVE-2007-5273, CVE-2007-5274, HPSBUX02284, RHSA-2007:0963-01, RHSA-2007:1041-01, RHSA-2008:0100-01, RHSA-2008:0132-01, RHSA-2008:0156-02, SSRT071483, SUSE-SA:2007:055, SUSE-SA:2008:025, VIGILANCE-VUL-7212, VMSA-2008-00010.3, VU#336105
JDK: buffer overflow via a BMP or JPG image
An attacker can create a malicious BMP or JPG image in order to execute code on computer of victims opening it with a JDK application...
102686, 102934, 6466389, 6469538, 6483556, 6483560, BID-24004, BID-24267, CESA-2006-004, CVE-2007-2788, CVE-2007-2789, CVE-2007-3004-REJECT, CVE-2007-3005-REJECT, RHSA-2007:0817-01, RHSA-2007:0818-01, RHSA-2007:0829-01, RHSA-2007:0956-01, RHSA-2007:1086-01, RHSA-2008:0100-01, RHSA-2008:0133-01, RHSA-2008:0261-01, RHSA-2008:0524-01, SUSE-SA:2007:045, SUSE-SA:2007:056, VIGILANCE-VUL-6817, VMSA-2008-0002, VMSA-2008-0002.1, VU#138545
Java JRE, Flash: bypassing DNS pinning
An attacker can create a HTML page calling a plugin and bypassing the DNS pinning protection included in web browsers...
103078, 6569621, 6609269, APSB07-20, CVE-2007-5273, CVE-2007-5274, CVE-2007-5275, CVE-2007-5375, RHSA-2007:1126-01, SUSE-SA:2008:025, VIGILANCE-VUL-7238, VMSA-2008-00010.3
JDK, JRE: code execution via XSLT style sheets
When a XML signature contains a malicious style sheet, code can run with privileges of application...
102945, 102992, 102993, 201255, 6519471, 6523817, 6534224, 6540248, 6542007, 6546271, 6567841, 6568090, BID-24850, CVE-2007-3715, CVE-2007-3716, VIGILANCE-VUL-6993
Our database contains other pages. You can request a free trial to read them.

Display information about Sun JRE: