All the vulnerabilites related to sun - j2se
cve-2005-1974
Vulnerability from cvelistv5
Published
2005-06-14 04:00
Modified
2024-08-07 22:06
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17272"
},
{
"name": "ADV-2005-2150",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2150"
},
{
"name": "HPSBUX01215",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7638"
},
{
"name": "1015643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015643"
},
{
"name": "HPSBMA01234",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"name": "SSRT051052",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "101799",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101799-1"
},
{
"name": "13958",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13958"
},
{
"name": "SSRT051004",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"name": "56",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/56"
},
{
"name": "SUSE-SA:2005:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
},
{
"name": "101749",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17272"
},
{
"name": "ADV-2005-2150",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2150"
},
{
"name": "HPSBUX01215",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7638"
},
{
"name": "1015643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015643"
},
{
"name": "HPSBMA01234",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"name": "SSRT051052",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "101799",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101799-1"
},
{
"name": "13958",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13958"
},
{
"name": "SSRT051004",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"name": "56",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/56"
},
{
"name": "SUSE-SA:2005:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
},
{
"name": "101749",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17272",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17272"
},
{
"name": "ADV-2005-2150",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2150"
},
{
"name": "HPSBUX01215",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"name": "http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7638",
"refsource": "CONFIRM",
"url": "http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7638"
},
{
"name": "1015643",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015643"
},
{
"name": "HPSBMA01234",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"name": "SSRT051052",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"name": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html",
"refsource": "CONFIRM",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "101799",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101799-1"
},
{
"name": "13958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13958"
},
{
"name": "SSRT051004",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"name": "56",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/56"
},
{
"name": "SUSE-SA:2005:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
},
{
"name": "101749",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1974",
"datePublished": "2005-06-14T04:00:00",
"dateReserved": "2005-06-14T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0418
Vulnerability from cvelistv5
Published
2005-03-24 05:00
Modified
2024-08-07 21:13
Severity ?
EPSS score ?
Summary
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html | vendor-advisory, x_refsource_APPLE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2005-03-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2005-03-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2005-03-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0418",
"datePublished": "2005-03-24T05:00:00",
"dateReserved": "2005-02-15T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0836
Vulnerability from cvelistv5
Published
2005-03-22 05:00
Modified
2024-08-07 21:28
Severity ?
EPSS score ?
Summary
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://marc.info/?l=full-disclosure&m=111117284323657&w=2 | mailing-list, x_refsource_FULLDISC | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://jouko.iki.fi/adv/ws.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/12847 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/14640 | third-party-advisory, x_refsource_SECUNIA | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.novell.com/linux/security/advisories/2005_32_java2.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:28.575Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1000200",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1"
},
{
"name": "20050318 Java Web Start argument injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=111117284323657\u0026w=2"
},
{
"name": "200255",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jouko.iki.fi/adv/ws.html"
},
{
"name": "12847",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12847"
},
{
"name": "14640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14640"
},
{
"name": "57740",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1"
},
{
"name": "GLSA-200503-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml"
},
{
"name": "SUSE-SA:2005:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1000200",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1"
},
{
"name": "20050318 Java Web Start argument injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=111117284323657\u0026w=2"
},
{
"name": "200255",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jouko.iki.fi/adv/ws.html"
},
{
"name": "12847",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12847"
},
{
"name": "14640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14640"
},
{
"name": "57740",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1"
},
{
"name": "GLSA-200503-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml"
},
{
"name": "SUSE-SA:2005:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1000200",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1"
},
{
"name": "20050318 Java Web Start argument injection vulnerability",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=111117284323657\u0026w=2"
},
{
"name": "200255",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1"
},
{
"name": "http://jouko.iki.fi/adv/ws.html",
"refsource": "MISC",
"url": "http://jouko.iki.fi/adv/ws.html"
},
{
"name": "12847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12847"
},
{
"name": "14640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14640"
},
{
"name": "57740",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1"
},
{
"name": "GLSA-200503-28",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml"
},
{
"name": "SUSE-SA:2005:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0836",
"datePublished": "2005-03-22T05:00:00",
"dateReserved": "2005-03-22T00:00:00",
"dateUpdated": "2024-08-07T21:28:28.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0613
Vulnerability from cvelistv5
Published
2006-02-09 02:00
Modified
2024-08-07 16:41
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/16540 | vdb-entry, x_refsource_BID | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-102170-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://secunia.com/advisories/18762 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1015597 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24568 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/652636 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.vupen.com/english/advisories/2006/1398 | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2006/0468 | vdb-entry, x_refsource_VUPEN | |
| http://docs.info.apple.com/article.html?artnum=303658 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:28.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16540",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16540"
},
{
"name": "102170",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102170-1"
},
{
"name": "18762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18762"
},
{
"name": "1015597",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015597"
},
{
"name": "javawebstart-jnlp-privilege-elevation(24568)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24568"
},
{
"name": "VU#652636",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/652636"
},
{
"name": "ADV-2006-1398",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1398"
},
{
"name": "ADV-2006-0468",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0468"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=303658"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16540",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16540"
},
{
"name": "102170",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102170-1"
},
{
"name": "18762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18762"
},
{
"name": "1015597",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015597"
},
{
"name": "javawebstart-jnlp-privilege-elevation(24568)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24568"
},
{
"name": "VU#652636",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/652636"
},
{
"name": "ADV-2006-1398",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1398"
},
{
"name": "ADV-2006-0468",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0468"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=303658"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16540",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16540"
},
{
"name": "102170",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102170-1"
},
{
"name": "18762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18762"
},
{
"name": "1015597",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015597"
},
{
"name": "javawebstart-jnlp-privilege-elevation(24568)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24568"
},
{
"name": "VU#652636",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/652636"
},
{
"name": "ADV-2006-1398",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1398"
},
{
"name": "ADV-2006-0468",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0468"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=303658",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=303658"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0613",
"datePublished": "2006-02-09T02:00:00",
"dateReserved": "2006-02-09T00:00:00",
"dateUpdated": "2024-08-07T16:41:28.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1973
Vulnerability from cvelistv5
Published
2005-06-14 04:00
Modified
2024-08-07 22:06
Severity ?
EPSS score ?
Summary
Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=112870351003598&w=2 | vendor-advisory, x_refsource_HP | |
| http://marc.info/?l=bugtraq&m=112870351003598&w=2 | vendor-advisory, x_refsource_HP | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101748-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.securityfocus.com/bid/13945 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/13958 | vdb-entry, x_refsource_BID | |
| http://securityreason.com/securityalert/61 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX01214",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"name": "SSRT051003",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"name": "101748",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101748-1"
},
{
"name": "13945",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13945"
},
{
"name": "13958",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13958"
},
{
"name": "61",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/61"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX01214",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"name": "SSRT051003",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"name": "101748",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101748-1"
},
{
"name": "13945",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13945"
},
{
"name": "13958",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13958"
},
{
"name": "61",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/61"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX01214",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"name": "SSRT051003",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"name": "101748",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101748-1"
},
{
"name": "13945",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13945"
},
{
"name": "13958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13958"
},
{
"name": "61",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/61"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1973",
"datePublished": "2005-06-14T04:00:00",
"dateReserved": "2005-06-14T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6745
Vulnerability from cvelistv5
Published
2006-12-26 23:00
Modified
2024-08-07 20:42
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:42:06.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21673",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21673"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "24468",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24468"
},
{
"name": "HPSBUX02196",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"name": "26049",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26049"
},
{
"name": "RHSA-2007:0062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0062.html"
},
{
"name": "ADV-2007-1814",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "25283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25283"
},
{
"name": "oval:org.mitre.oval:def:9621",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9621"
},
{
"name": "24099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24099"
},
{
"name": "25404",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25404"
},
{
"name": "24189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24189"
},
{
"name": "SSRT071318",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"name": "SUSE-SA:2007:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
},
{
"name": "APPLE-SA-2007-12-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "SUSE-SA:2007:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
},
{
"name": "SUSE-SA:2007:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"name": "26119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26119"
},
{
"name": "23445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23445"
},
{
"name": "ADV-2007-4224",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "23650",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23650"
},
{
"name": "23835",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23835"
},
{
"name": "1017426",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017426"
},
{
"name": "RHSA-2007:0073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0073.html"
},
{
"name": "VU#102289",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/102289"
},
{
"name": "GLSA-200705-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml"
},
{
"name": "28115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28115"
},
{
"name": "102731",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1"
},
{
"name": "BEA07-171.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA",
"x_transferred"
],
"url": "http://dev2dev.bea.com/pub/advisory/240"
},
{
"name": "ADV-2006-5074",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5074"
},
{
"name": "ADV-2007-0936",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0936"
},
{
"name": "GLSA-200702-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200702-08.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
},
{
"name": "TA07-022A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html"
},
{
"name": "GLSA-200701-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200701-15.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21673",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21673"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "24468",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24468"
},
{
"name": "HPSBUX02196",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"name": "26049",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26049"
},
{
"name": "RHSA-2007:0062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0062.html"
},
{
"name": "ADV-2007-1814",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "25283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25283"
},
{
"name": "oval:org.mitre.oval:def:9621",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9621"
},
{
"name": "24099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24099"
},
{
"name": "25404",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25404"
},
{
"name": "24189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24189"
},
{
"name": "SSRT071318",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"name": "SUSE-SA:2007:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
},
{
"name": "APPLE-SA-2007-12-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "SUSE-SA:2007:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
},
{
"name": "SUSE-SA:2007:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"name": "26119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26119"
},
{
"name": "23445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23445"
},
{
"name": "ADV-2007-4224",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "23650",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23650"
},
{
"name": "23835",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23835"
},
{
"name": "1017426",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017426"
},
{
"name": "RHSA-2007:0073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0073.html"
},
{
"name": "VU#102289",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/102289"
},
{
"name": "GLSA-200705-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml"
},
{
"name": "28115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28115"
},
{
"name": "102731",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1"
},
{
"name": "BEA07-171.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA"
],
"url": "http://dev2dev.bea.com/pub/advisory/240"
},
{
"name": "ADV-2006-5074",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5074"
},
{
"name": "ADV-2007-0936",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0936"
},
{
"name": "GLSA-200702-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200702-08.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
},
{
"name": "TA07-022A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html"
},
{
"name": "GLSA-200701-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200701-15.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6745",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21673",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21673"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307177",
"refsource": "MISC",
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "24468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24468"
},
{
"name": "HPSBUX02196",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"name": "26049",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26049"
},
{
"name": "RHSA-2007:0062",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0062.html"
},
{
"name": "ADV-2007-1814",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "25283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25283"
},
{
"name": "oval:org.mitre.oval:def:9621",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9621"
},
{
"name": "24099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24099"
},
{
"name": "25404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25404"
},
{
"name": "24189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24189"
},
{
"name": "SSRT071318",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"name": "SUSE-SA:2007:045",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
},
{
"name": "APPLE-SA-2007-12-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "SUSE-SA:2007:003",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html"
},
{
"name": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
},
{
"name": "SUSE-SA:2007:010",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"name": "26119",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26119"
},
{
"name": "23445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23445"
},
{
"name": "ADV-2007-4224",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "23650",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23650"
},
{
"name": "23835",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23835"
},
{
"name": "1017426",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017426"
},
{
"name": "RHSA-2007:0073",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0073.html"
},
{
"name": "VU#102289",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/102289"
},
{
"name": "GLSA-200705-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml"
},
{
"name": "28115",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28115"
},
{
"name": "102731",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1"
},
{
"name": "BEA07-171.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/240"
},
{
"name": "ADV-2006-5074",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5074"
},
{
"name": "ADV-2007-0936",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0936"
},
{
"name": "GLSA-200702-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200702-08.xml"
},
{
"name": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
},
{
"name": "TA07-022A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html"
},
{
"name": "GLSA-200701-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-15.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6745",
"datePublished": "2006-12-26T23:00:00",
"dateReserved": "2006-12-26T00:00:00",
"dateUpdated": "2024-08-07T20:42:06.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4302
Vulnerability from cvelistv5
Published
2006-08-23 01:00
Modified
2024-08-07 19:06
Severity ?
EPSS score ?
Summary
The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities.
References
| ▼ | URL | Tags |
|---|---|---|
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.securityfocus.com/bid/8879 | vdb-entry, x_refsource_BID | |
| http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm | x_refsource_CONFIRM | |
| http://www.osvdb.org/28109 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/382413 | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1016732 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1016733 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/11757 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2006/3354 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/21570 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:06.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102557",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1"
},
{
"name": "8879",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8879"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
},
{
"name": "28109",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28109"
},
{
"name": "20041126 Java version downgrading proof-of-concept",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/382413"
},
{
"name": "1016732",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016732"
},
{
"name": "1016733",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016733"
},
{
"name": "11757",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11757"
},
{
"name": "ADV-2006-3354",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3354"
},
{
"name": "21570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21570"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-08-29T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "102557",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1"
},
{
"name": "8879",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8879"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
},
{
"name": "28109",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28109"
},
{
"name": "20041126 Java version downgrading proof-of-concept",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/382413"
},
{
"name": "1016732",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016732"
},
{
"name": "1016733",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016733"
},
{
"name": "11757",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11757"
},
{
"name": "ADV-2006-3354",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3354"
},
{
"name": "21570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21570"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102557",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1"
},
{
"name": "8879",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8879"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
},
{
"name": "28109",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28109"
},
{
"name": "20041126 Java version downgrading proof-of-concept",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/382413"
},
{
"name": "1016732",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016732"
},
{
"name": "1016733",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016733"
},
{
"name": "11757",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11757"
},
{
"name": "ADV-2006-3354",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3354"
},
{
"name": "21570",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21570"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4302",
"datePublished": "2006-08-23T01:00:00",
"dateReserved": "2006-08-22T00:00:00",
"dateUpdated": "2024-08-07T19:06:06.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2005-06-16 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:j2se:5.0:*:sdk:*:*:*:*:*",
"matchCriteriaId": "AB323619-76BA-4DCF-9613-4C963C235D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update1:*:sdk:*:*:*:*:*",
"matchCriteriaId": "90A293D3-9A69-4B33-82CE-22A7515819E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges."
}
],
"id": "CVE-2005-1973",
"lastModified": "2024-11-20T23:58:31.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-06-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/61"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101748-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/13945"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/13958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112870351003598\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/61"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101748-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13958"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2:*:sdk:*:*:*:*:*",
"matchCriteriaId": "E2D500E0-A80D-4C9E-94F0-6B59AFEB186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_01:*:sdk:*:*:*:*:*",
"matchCriteriaId": "BA17272A-FCA5-420D-8724-35F15190C1AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_02:*:sdk:*:*:*:*:*",
"matchCriteriaId": "6D6E25CB-6C06-43D0-949E-BB3FEE886CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_03:*:sdk:*:*:*:*:*",
"matchCriteriaId": "B1DD35E9-9FED-49D3-8343-B9EF2C8A9C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_04:*:sdk:*:*:*:*:*",
"matchCriteriaId": "23F6CB66-75D5-472C-A6CD-8598376A065A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_05:*:sdk:*:*:*:*:*",
"matchCriteriaId": "641FA125-3979-4F12-9764-ADF06E243248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_06:*:sdk:*:*:*:*:*",
"matchCriteriaId": "9F5D9D33-F7D9-4A82-BA32-800A265B16CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file."
}
],
"id": "CVE-2005-0836",
"lastModified": "2024-11-20T23:56:00.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jouko.iki.fi/adv/ws.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=full-disclosure\u0026m=111117284323657\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14640"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jouko.iki.fi/adv/ws.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=full-disclosure\u0026m=111117284323657\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12847"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-06-16 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2:*:sdk:*:*:*:*:*",
"matchCriteriaId": "E2D500E0-A80D-4C9E-94F0-6B59AFEB186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_01:*:sdk:*:*:*:*:*",
"matchCriteriaId": "BA17272A-FCA5-420D-8724-35F15190C1AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_02:*:sdk:*:*:*:*:*",
"matchCriteriaId": "6D6E25CB-6C06-43D0-949E-BB3FEE886CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_03:*:sdk:*:*:*:*:*",
"matchCriteriaId": "B1DD35E9-9FED-49D3-8343-B9EF2C8A9C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_04:*:sdk:*:*:*:*:*",
"matchCriteriaId": "23F6CB66-75D5-472C-A6CD-8598376A065A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_05:*:sdk:*:*:*:*:*",
"matchCriteriaId": "641FA125-3979-4F12-9764-ADF06E243248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_06:*:sdk:*:*:*:*:*",
"matchCriteriaId": "9F5D9D33-F7D9-4A82-BA32-800A265B16CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_07:*:sdk:*:*:*:*:*",
"matchCriteriaId": "BB7658E7-5BDE-4C2A-93FF-CC78C562BF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0:*:sdk:*:*:*:*:*",
"matchCriteriaId": "AB323619-76BA-4DCF-9613-4C963C235D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update1:*:sdk:*:*:*:*:*",
"matchCriteriaId": "90A293D3-9A69-4B33-82CE-22A7515819E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges."
}
],
"id": "CVE-2005-1974",
"lastModified": "2024-11-20T23:58:31.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-06-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7638"
},
{
"source": "cve@mitre.org",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17272"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/56"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015643"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101799-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/13958"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112861772130119\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112992075412844\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101799-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_32_java2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2150"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-26 23:28
Modified
2024-11-21 00:23
Severity ?
Summary
Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | j2se | 1.4 | |
| sun | j2se | 1.4.1 | |
| sun | j2se | 1.4.2 | |
| sun | j2se | 1.4.2_01 | |
| sun | j2se | 1.4.2_02 | |
| sun | j2se | 1.4.2_03 | |
| sun | j2se | 1.4.2_04 | |
| sun | j2se | 1.4.2_05 | |
| sun | j2se | 1.4.2_06 | |
| sun | j2se | 1.4.2_07 | |
| sun | j2se | 1.4.2_08 | |
| sun | j2se | 1.4.2_09 | |
| sun | j2se | 1.4.2_10 | |
| sun | j2se | 1.4.2_11 | |
| sun | j2se | 1.4.2_12 | |
| sun | j2se | 5.0 | |
| sun | j2se | 5.0_update1 | |
| sun | j2se | 5.0_update2 | |
| sun | j2se | 5.0_update3 | |
| sun | j2se | 5.0_update4 | |
| sun | j2se | 5.0_update5 | |
| sun | j2se | 5.0_update6 | |
| sun | j2se | 5.0_update7 | |
| sun | jre | 1.4.1 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_1 | |
| sun | jre | 1.4.2_2 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_4 | |
| sun | jre | 1.4.2_5 | |
| sun | jre | 1.4.2_6 | |
| sun | jre | 1.4.2_7 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.4.2_13 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:j2se:1.4:*:sdk:*:*:*:*:*",
"matchCriteriaId": "438A8A6C-1907-48C9-B5A7-919A81F3C44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.1:*:sdk:*:*:*:*:*",
"matchCriteriaId": "337D8AD6-0173-47F2-8B9D-06141AFADB36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2:*:sdk:*:*:*:*:*",
"matchCriteriaId": "E2D500E0-A80D-4C9E-94F0-6B59AFEB186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_01:*:sdk:*:*:*:*:*",
"matchCriteriaId": "BA17272A-FCA5-420D-8724-35F15190C1AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_02:*:sdk:*:*:*:*:*",
"matchCriteriaId": "6D6E25CB-6C06-43D0-949E-BB3FEE886CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_03:*:sdk:*:*:*:*:*",
"matchCriteriaId": "B1DD35E9-9FED-49D3-8343-B9EF2C8A9C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_04:*:sdk:*:*:*:*:*",
"matchCriteriaId": "23F6CB66-75D5-472C-A6CD-8598376A065A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_05:*:sdk:*:*:*:*:*",
"matchCriteriaId": "641FA125-3979-4F12-9764-ADF06E243248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_06:*:sdk:*:*:*:*:*",
"matchCriteriaId": "9F5D9D33-F7D9-4A82-BA32-800A265B16CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_07:*:sdk:*:*:*:*:*",
"matchCriteriaId": "BB7658E7-5BDE-4C2A-93FF-CC78C562BF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_08:*:*:*:*:*:*:*",
"matchCriteriaId": "205537C2-30DC-4799-8D85-E0398745789A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_09:*:*:*:*:*:*:*",
"matchCriteriaId": "725E42E5-EA0A-43A9-9534-BB9F55D7FF21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4F4F22-B751-4306-9E5B-43CE8537CECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "48AE5AFE-561F-42BC-9976-E04EAC97A7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "BC20A9A3-C5BB-40F6-A452-8EE0C21F7180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0:*:sdk:*:*:*:*:*",
"matchCriteriaId": "AB323619-76BA-4DCF-9613-4C963C235D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update1:*:sdk:*:*:*:*:*",
"matchCriteriaId": "90A293D3-9A69-4B33-82CE-22A7515819E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update2:*:sdk:*:*:*:*:*",
"matchCriteriaId": "B62D5323-43CF-40FC-A5E0-6CC5FB31AECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update3:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B963B4-DF05-49EC-AC36-15B1F1315BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update4:*:*:*:*:*:*:*",
"matchCriteriaId": "F58929F2-09D9-4C3F-9FEF-FE3DE5952A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update5:*:*:*:*:*:*:*",
"matchCriteriaId": "872BDAB5-DB9C-4C18-89CE-296B69661677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update6:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE32461-4B52-432E-B748-16836DC4DE11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update7:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3B0EC2-4D93-4317-8114-018D9603ED23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "355CB56A-A598-4CD6-9AFB-FE0B09FFC2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 7 y anteriores, y Java System Development Kit (SDK) y JRE1.4.2_12 y anteriores versiones 1.4.x, permiten a atacantes remotos desarrollar applets o aplicaciones Java que son capaces de obtener privilegios, relacionados con la serializaci\u00f3n en JRE."
}
],
"id": "CVE-2006-6745",
"lastModified": "2024-11-21T00:23:33.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-12-26T23:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dev2dev.bea.com/pub/advisory/240"
},
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23445"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23650"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23835"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24099"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24189"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24468"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25283"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25404"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26049"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26119"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28115"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200701-15.xml"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200702-08.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017426"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/102289"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0062.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0073.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21673"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/5074"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0936"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dev2dev.bea.com/pub/advisory/240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00876579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200701-15.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200702-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/102289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0062.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/5074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9621"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-09 02:02
Modified
2024-11-21 00:06
Severity ?
Summary
Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:j2se:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EB369F-47FF-47C6-8F5F-769A7BB1B4B0",
"versionEndIncluding": "5.0_update5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications."
}
],
"id": "CVE-2006-0613",
"lastModified": "2024-11-21T00:06:55.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-02-09T02:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=303658"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18762"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015597"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102170-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/652636"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16540"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0468"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1398"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=303658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102170-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/652636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24568"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:55
Severity ?
Summary
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2:*:sdk:*:*:*:*:*",
"matchCriteriaId": "E2D500E0-A80D-4C9E-94F0-6B59AFEB186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_01:*:sdk:*:*:*:*:*",
"matchCriteriaId": "BA17272A-FCA5-420D-8724-35F15190C1AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_02:*:sdk:*:*:*:*:*",
"matchCriteriaId": "6D6E25CB-6C06-43D0-949E-BB3FEE886CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_03:*:sdk:*:*:*:*:*",
"matchCriteriaId": "B1DD35E9-9FED-49D3-8343-B9EF2C8A9C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_04:*:sdk:*:*:*:*:*",
"matchCriteriaId": "23F6CB66-75D5-472C-A6CD-8598376A065A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_05:*:sdk:*:*:*:*:*",
"matchCriteriaId": "641FA125-3979-4F12-9764-ADF06E243248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2_06:*:sdk:*:*:*:*:*",
"matchCriteriaId": "9F5D9D33-F7D9-4A82-BA32-800A265B16CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836."
}
],
"id": "CVE-2005-0418",
"lastModified": "2024-11-20T23:55:04.823",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-23 01:04
Modified
2024-11-21 00:15
Severity ?
Summary
The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | j2se | 1.3.0_02 | |
| sun | j2se | 1.4.2 | |
| sun | j2se | 5.0 | |
| sun | j2se | 5.0_update1 | |
| sun | j2se | 5.0_update5 | |
| sun | java_web_start | 1.0 | |
| sun | java_web_start | 1.0.1 | |
| sun | java_web_start | 1.0.1_01 | |
| sun | java_web_start | 1.0.1_02 | |
| sun | java_web_start | 1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:j2se:1.3.0_02:*:sdk:*:*:*:*:*",
"matchCriteriaId": "FD1870BA-062F-41D1-8038-F722BE368516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:1.4.2:*:sdk:*:*:*:*:*",
"matchCriteriaId": "E2D500E0-A80D-4C9E-94F0-6B59AFEB186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0:*:sdk:*:*:*:*:*",
"matchCriteriaId": "AB323619-76BA-4DCF-9613-4C963C235D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update1:*:sdk:*:*:*:*:*",
"matchCriteriaId": "90A293D3-9A69-4B33-82CE-22A7515819E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:j2se:5.0_update5:*:*:*:*:*:*:*",
"matchCriteriaId": "872BDAB5-DB9C-4C18-89CE-296B69661677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_web_start:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1E8E17-C426-424C-82D7-0D54D2B83687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_web_start:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C248C52-F922-458D-9566-0AEA9FEC037A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_web_start:1.0.1_01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B745C9-7B4B-4ECD-AE4C-11C332DB08FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_web_start:1.0.1_02:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1EEB86-E5BB-4034-B9FD-C869F6D069EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_web_start:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B53966B2-0CC5-4590-A7C7-82252F837A26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities."
},
{
"lang": "es",
"value": "Java Plug-in J2SE 1.3.0_02 hasta 5.0 Update 5, y Java Web Start 1.0 hasta 1.2 y J2SE 1.4.2 hasta 5.0 Update 5, permite a atacantes remotos explotar vulnerabilidades especificando una versi\u00f3n JRE que contiene vulnerabilidades."
}
],
"id": "CVE-2006-4302",
"lastModified": "2024-11-21T00:15:37.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-23T01:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21570"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016732"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016733"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/28109"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/382413"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11757"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/8879"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/28109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/382413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/8879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3354"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}