Search:Software:JDK 1.4
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
See also
SUN :
JDK 1.6
BLACKDOWN :
Blackdown JDK 1.4
SUN :
JDK 1.5
SUN :
JDK 1.3
SUN :
JDK 1.2
SUN :
JDK 1.1
Name:
SUN
: JDK 1.4
7
!
Sun Java multiple security vulnerabilities
8 different vulnerabilities, including privilege escalation, sandbox protection bypass and code excutions.
7
!
Sun Java JRE / JDK multiple security vulnerabilities
updated since 07.03.2008
Vulnerabilities on image parsing.
6
!
Sun Java JRE / JDK multiple security vulnerabilities
updated since 29.10.2007
Multiple sandbox restriction bypass vulnerabilities.
Directory traversal and absolute path in multiple archivers
updated since 11.07.2001
Directory traversal and absolute path allow to overwrite any file during archive extraction.
7
!
Java Web Start directory traversal
Directory traversal allows to bypass sandbox environment.
8!
Sun Java memory corruption
updated since 18.01.2007
Memory corruption on GIF files parsing with 0 width block. Can be used for hidden malware installation.
8!
Sun Java Runtime Environment multiple security vulnerabilities
Multiple vulnerabilities allow sandbox protection bypass and system functions access.
Java applets stack overflow
Recursive array definition leads to stack overflow.
6
!
JDK java applet disk space DoS
It's possible to consume all available disk space with temporary file.
7
!
Sun Java sandbox protection bypass
It's possible to bypass sandbox with "reflection" API. This vulnerability can be used for silent trojan installation.
9!
Sun Java JRE sandbox protection bypass
updated since 29.11.2005
Few vulnerabilities allow applets to write local files and execute applications.
Sun Java Development Toolkit DoS
Crash on font deserialization.
6
!
Sun Java / BlackDown Java sandbox protection bypass
Applet can bypass sandbox limitation to exefute privileged functions.
6
!
JRE/JDK/WINAMP/ICQ/MediaPlayer sound schema files download
updated since 17.07.2002
ICQ sound schemas are downloaded without user's intervation. It allows to upload file to known location.
JAVA XSLT processor XML sniffing
It's psosible to sniff XML data from different application domain.
SUN virtual java machine DoS
Invalid fonts handling can crash virtual machine under Windows.
Multiple jre/jdk installation symbolic link bugs
8!
JRE/JDK sandbox breaking
By using / instead of . in class name it's possible to bypass sandbox restrictions.
SUN jdk crossite scripting
jdk undocumented static variable may allow data exchange between sites.
8!
Code execution bugs in virtual Java machines
Bug in data conversion routines
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
