The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Sun SDK

JDK, JRE: code execution via XSLT style sheets
When a XML signature contains a malicious style sheet, code can run with privileges of application...
102945, 102992, 102993, 201255, 6519471, 6523817, 6534224, 6540248, 6542007, 6546271, 6567841, 6568090, BID-24850, CVE-2007-3715, CVE-2007-3716, VIGILANCE-VUL-6993
Java Web Start: buffer overflow of JNLP
An attacker can create a malicious JNLP file in order to execute code on computer of victims with Java Web Start installed...
102958, 102996, 6490790, 6501487, BID-24832, CVE-2007-3655, RHSA-2007:0829-01, SUSE-SA:2007:056, VIGILANCE-VUL-6978
JDK, JRE, SDK: denial of service of JSSE
An attacker can connect to SSL services created with JSSE in order to generate a denial of service...
102934, 102958, 102997, 6483556, 6483560, 6490790, 6542796, BID-24846, c01269450, c01601492, CVE-2007-3698, HPSBMA02288, HPSBMA02384, RHSA-2007:0956-01, RHSA-2007:1086-01, RHSA-2008:0100-01, RHSA-2008:0132-01, SSRT071465, SUSE-SA:2008:025, VIGILANCE-VUL-6999
JRE, JDK, SDK: file modification via Java Web Start
A Java application can alter a file with victim's rights...
102881, 102957, 102958, 6461918, 6490790, 6499357, BID-24695, CVE-2007-3504, VIGILANCE-VUL-6959
JDK: Cross Site Scripting via JavaDoc
Documents generated by JavaDoc can be used to generate a Cross Site Scripting attack...
102958, 6490790, BID-24690, CVE-2007-3503, RHSA-2007:0956-01, VIGILANCE-VUL-6958
Java Web Start: privilege elevation via JNLP
A malicious applet can access to local files of victim's computer via Java Web Start...
102881, 6461918, BID-23728, CERTA-2007-AVI-238, CERTA-2007-AVI-348, CVE-2007-2435, RHSA-2007:0817-01, RHSA-2007:0818-01, RHSA-2007:0829-01, RHSA-2008:0261-01, RHSA-2008:0524-01, VIGILANCE-VUL-6775
JDK: information disclosure via JMX RMI-IIOP
A local attacker can access to information of users of a JMX RMI-IIOP application...
102835, 4984695, BID-22907, VIGILANCE-VUL-6633
Java SDK/JRE/JDK: memory corruption via a GIF image
An attacker can create a Java applet loading a special GIF image in order to execute code on victim's computer...
102686, 102760, 6445518, 6466389, 6469538, BID-22085, c00876579, CERTA-2007-AVI-033, CVE-2007-0243, HPSBUX02196, RHSA-2007:0166-01, RHSA-2007:0167-01, RHSA-2007:0956-01, RHSA-2008:0261-01, RHSA-2008:0524-01, SSRT07138, SUSE-SA:2007:045, TLSA-2007-8, VIGILANCE-VUL-6476, VU#388289, ZDI-07-005
JRE, JDK, SDK: two overflows
Two overflows permit a malicious applet to execute code on user's computer...
102686, 102729, 102731, 6363511, 6363512, 6387628, 6393286, 6466389, 6469538, BID-21675, c00876579, CERTA-2006-AVI-570, CERTA-2007-AVI-121, CESA-2005-008, CVE-2006-6731, HPSBUX02196, RHSA-2007:0062-02, RHSA-2007:0072-01, RHSA-2007:0073-01, SSRT07138, SUSE-SA:2007:003, SUSE-SA:2007:010, VIGILANCE-VUL-6417, VU#149457, VU#939609
JRE, JDK, SDK: access to data of other applets
A malicious applet can access to data of other applets via two vulnerabilities...
102732, 6332750, 6378197, BID-21674, CVE-2006-6736, CVE-2006-6737, RHSA-2007:0062-02, RHSA-2007:0072-01, RHSA-2007:0073-01, SUSE-SA:2007:003, SUSE-SA:2007:010, SUSE-SA:2007:045, VIGILANCE-VUL-6419
Our database contains other pages. You can request a free trial to read them.

Display information about Sun SDK: