Search criteria
9 vulnerabilities found for java_enterprise_system by sun
FKIE_CVE-2007-2435
Vulnerability from fkie_nvd - Published: 2007-05-02 10:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_enterprise_system:*:update10:*:*:*:*:*:*",
"matchCriteriaId": "30914423-2DED-4015-92D2-9B9C5BA1283A",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update13:*:*:*:*:*:*",
"matchCriteriaId": "237F087F-53C4-400D-B132-37BBEEA3E03D",
"versionEndIncluding": "1.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update10:*:*:*:*:*:*",
"matchCriteriaId": "1CBCA6F7-38C1-4B08-8E46-4322497B2B54",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A25A5A79-1BF1-4EEC-B407-758A9A986188",
"versionEndIncluding": "1.4.3_13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."
},
{
"lang": "es",
"value": "Sun Java Web Start en JDK y JRE 5.0 hasta 10 y anteriores, y Java Web Start en SDK y JRE 1.4.2_13 y anteriores, permite a atacantes remotos realizar acciones no autorizadas a trav\u00e9s de una aplicaci\u00f3n que concede privilegios a si mismo, relacionado con \"Uso incorrecto de sistemas de clases\" y probablemente relacionado con el apoyo para ficheros JNLP."
}
],
"evaluatorSolution": "The vendor has addressed this issue through product updates that can be found at: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1",
"id": "CVE-2007-2435",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-02T10:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dev2dev.bea.com/pub/advisory/241"
},
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35483"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25069"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25283"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25413"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25474"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25832"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26311"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26369"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28115"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29858"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30780"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23728"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017986"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1598"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dev2dev.bea.com/pub/advisory/241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-3127
Vulnerability from fkie_nvd - Published: 2006-06-21 23:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | java_enterprise_system | 2003q4 | |
| sun | java_enterprise_system | 2004q2 | |
| sun | java_enterprise_system | 2005q1 | |
| sun | java_system_directory_server | 5.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_enterprise_system:2003q4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8DFE4D-1FB6-41D7-AAB6-82400C6B4504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_enterprise_system:2004q2:*:*:*:*:*:*:*",
"matchCriteriaId": "132976FA-A42E-4CC0-8C8F-9A034A046B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_enterprise_system:2005q1:*:*:*:*:*:*:*",
"matchCriteriaId": "50246E42-89BE-4F08-A7D0-22977C985C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations."
},
{
"lang": "es",
"value": "Fallo de memoria en la Red de Servicios de Seguridad (NSS) 3.11, tal como se utiliza en Sun Java Enterprise System 2003Q4 2005Q1 y por medio de Java System Directory Server 5.2, permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) mediante la realizaci\u00f3n de un gran n\u00famero de operaciones de cifrado RSA ."
}
],
"id": "CVE-2006-3127",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-21T23:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25048"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016294"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18604"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20846"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1573"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0826
Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44E0E1D0-F71C-4A3F-B3EE-97B299EF2AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47CD4C15-02C8-42F2-9AF3-E44F74DE62B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DDE473-7A61-46AD-9D3B-CA299928FD44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "046596DB-57EB-4354-A79E-B3B1D5B4DD26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0755B957-CB78-4B8E-9CFE-D53389789ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "17D292FA-E062-4C52-AE0A-CA7D183D9E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83E1A0EA-9E2F-407F-A72F-D5061B6CD318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B565D82B-CAB8-4512-B7B7-0402146DD2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "68341EA6-4FF0-4F87-AC71-4EC5D648406C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A91596AC-3F28-4BBD-A697-81909A5407B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A57A5053-018B-468C-BC18-5140E6B5B048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C2962B1B-4B7F-4527-AE4C-C76787FEDB67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE921188-7A50-479F-853F-95127C9BE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F710939C-8598-40FE-9D5F-A3665723A5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "75572113-BD36-49BB-B7A1-177EB7DD3AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F18265E-EE99-4D0F-B975-22A86077A611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E3EA58-3FD3-4AD8-AA63-057F8D31301B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A51D3086-99CB-4C01-B286-3F7F6B6FB3AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA7EB49-52A7-4AFC-9D7D-0225A430B636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:certificate_server:1.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "72E930EF-CCEC-44EA-AA45-18644EFDA5F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:certificate_server:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "506D842B-339C-452A-A229-C6B59B0E038D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:1.3:patch5:*:*:*:*:*:*",
"matchCriteriaId": "1CD1E4C9-BFF1-4818-A1B8-ECD7B54C8B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:3.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "492922BE-3B31-486C-94B5-114089E51E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "70E0FF18-9B01-4500-9599-8F085655C388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE69D422-E6FF-40F5-BC73-73BE3A042DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "39B65825-FE48-4938-A04F-12740611681B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE13D7D-2171-44F3-84D3-4CFD024AA3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5E0298-99D9-476D-A7DF-36C6207482DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:2.0.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "8E0069EE-831B-4E6D-9AF9-71EFC9EED509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:2.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "5234109F-AD90-4324-AA03-C5DE007D32F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7B9FDA-DC62-4EC9-9120-A7E6795C2815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "60812728-EC82-461E-BBDC-C5B4C1BF79E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.0.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D94D2CA3-9868-4F27-B31D-D3EDC256BE5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.0.7a:*:netware:*:*:*:*:*",
"matchCriteriaId": "75FFC8CC-AB53-40CD-B6DF-C8CC17320FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.0l:*:*:*:*:*:*:*",
"matchCriteriaId": "89FAF40A-00F0-48BA-BEE7-4722C82DC54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D6280F25-3BC7-4701-914A-9ADC35A1A73B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE2CB845-D0E6-4B45-95A1-879BCCA037D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F18F9770-12E2-44D5-ABB6-EDFD2383BFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2CB1E6-63A1-42C5-889C-7EA83CB50543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34D42A9F-449C-4F4D-B610-538BF133F744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.5:*:solaris:*:*:*:*:*",
"matchCriteriaId": "5AECADB3-F1EC-4410-AECF-D2C08B18F517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4147A43C-DA7B-4D08-90E9-72DE57B1D61D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3577B789-DBB6-413D-B964-B32FE3E8CD8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "FFBC4A27-818F-4B2C-818E-62FB43440DD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "1721BFD6-7914-4ADB-8205-38964C8FFDA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4EB62E6F-87E2-4A98-B4BD-3E0036CE7640",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.6:sp3:*:*:*:*:*:*",
"matchCriteriaId": "418B500F-2A05-4419-997F-E04ECA2E3626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD208FC-AC17-45DF-9A5F-D8CDA6DB3A7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "4A29E0A5-9C1D-4CCF-AEEB-FF0B32B4201D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "0CE4230F-88A6-49DD-A05A-FCF4F2A5FF6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:4.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "85FAD645-5AFB-4553-85DA-D25E0333A26C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:4.1:sp6:*:*:*:*:*:*",
"matchCriteriaId": "0D98D58B-AE93-4471-81E0-FD0A4ED1AD51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:4.1:sp7:*:*:*:*:*:*",
"matchCriteriaId": "85C1DEB1-2628-45D4-9DB4-64A4CF9C89B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:4.1:sp8:*:*:*:*:*:*",
"matchCriteriaId": "F331B4BD-1381-4011-B2D9-9CD9B73F976B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:4.1.1:*:netware:*:*:*:*:*",
"matchCriteriaId": "B708CDB3-0BF9-4FE4-855F-DB6E1FE5A319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:5.0:*:netware:*:*:*:*:*",
"matchCriteriaId": "DA8D4321-3683-460F-AFAA-1D31E9B16818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:personalization_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B348FC-6FEF-4682-BC25-82E726BFB64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_enterprise_system:2003q4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8DFE4D-1FB6-41D7-AAB6-82400C6B4504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_enterprise_system:2004q2:*:*:*:*:*:*:*",
"matchCriteriaId": "132976FA-A42E-4CC0-8C8F-9A034A046B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_application_server:7.0:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "EE5A4BC2-ED34-4968-881E-ED6AD300AC42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_application_server:7.0:*:platform:*:*:*:*:*",
"matchCriteriaId": "D00790CE-CD77-4C39-80AC-5FBD298DD63A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_application_server:7.0:*:standard:*:*:*:*:*",
"matchCriteriaId": "BC5F2280-EC46-4D2F-8402-FE91ECEE6A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_application_server:7.0:ur4:*:*:*:*:*:*",
"matchCriteriaId": "60EBC552-FAC2-4833-B1A6-696DC06301A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_application_server:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E583F338-CF10-4FD5-8A86-A3CE46E863DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_application_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "352D9910-BC83-44B2-B5C0-59B8F2C23142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_application_server:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F316ECED-A6E3-43AC-BA05-C42F2CB0D830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_application_server:6.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "FA32646E-1014-47D1-9C96-6CD8F0B13480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33621D67-8191-42EE-8859-8B5FC30F935A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0C6F8563-701E-4E54-A0C9-67E9DF74D60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp10:*:*:*:*:*:*",
"matchCriteriaId": "4022E5C6-5651-45DD-AF73-89CF38E71D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp11:*:*:*:*:*:*",
"matchCriteriaId": "EEF4CFCE-DEEC-4652-A96F-0C7B5A88175A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp12:*:*:*:*:*:*",
"matchCriteriaId": "873034EA-B3C6-43E6-AE98-A04598D9A392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp13:*:*:*:*:*:*",
"matchCriteriaId": "AC90D2B4-4FBE-405A-BD17-F84A37DC914E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp14:*:*:*:*:*:*",
"matchCriteriaId": "04366BB7-9F1D-4EC0-AE79-9603F71166C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AE01BAC9-DC57-4BC8-9BFB-9C7C94A516A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "1CEA91AD-443D-4856-AC7A-3DDE0791134D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "07C1D4DC-252A-4602-A916-32E51CCA75B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "526D2FAD-4241-412C-8863-B273D3733153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp6:*:*:*:*:*:*",
"matchCriteriaId": "B8A796CB-D675-49FC-98BA-4D527211C70D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp7:*:*:*:*:*:*",
"matchCriteriaId": "8693959B-7D5D-414B-8660-2A693AF24541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp8:*:*:*:*:*:*",
"matchCriteriaId": "1BDC4A06-33A1-4619-B870-7F2AF1D332F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:4.1:sp9:*:*:*:*:*:*",
"matchCriteriaId": "8A445032-AD7B-4971-B175-DF3183A4A12C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "38698A3B-9597-4BC9-B112-BB908C3DE86B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:6.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "78587B6D-2A95-4714-9632-4F75CD552E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:6.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "279FE555-E290-4B17-855D-781C9B58ED55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:6.0:sp7:*:*:*:*:*:*",
"matchCriteriaId": "26A8BE1A-082B-4CB5-97D0-7964FBC93572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:6.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "3609AA35-6B6A-47A1-B1D4-011B735E0671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E66F55C3-F5BD-49A7-B561-ACD8D522225D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:6.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4493C646-DF4B-45C7-86F7-A71AC9B1CA97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_web_server:6.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "689F0A9F-8F34-4958-B869-C4FB8BC02406",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*",
"matchCriteriaId": "D73D159B-C3D8-4BBD-8BAA-E9E8D3AD3A04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message."
}
],
"id": "CVE-2004-0826",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109351293827731\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11015"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/180"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109351293827731\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-2435 (GCVE-0-2007-2435)
Vulnerability from cvelistv5 – Published: 2007-05-02 10:00 – Updated: 2024-08-07 13:42
VLAI?
Summary
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "BEA07-173.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA",
"x_transferred"
],
"url": "http://dev2dev.bea.com/pub/advisory/241"
},
{
"name": "23728",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23728"
},
{
"name": "ADV-2007-1814",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "26311",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26311"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
},
{
"name": "25283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25283"
},
{
"name": "35483",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35483"
},
{
"name": "GLSA-200705-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
},
{
"name": "ADV-2007-1598",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1598"
},
{
"name": "26369",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26369"
},
{
"name": "25413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25413"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "APPLE-SA-2007-12-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "RHSA-2007:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
},
{
"name": "25832",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25832"
},
{
"name": "ADV-2007-4224",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "GLSA-200706-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
},
{
"name": "102881",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"
},
{
"name": "javawebstart-classes-privilege-escalation(33984)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1017986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017986"
},
{
"name": "25069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25069"
},
{
"name": "28115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28115"
},
{
"name": "RHSA-2008:0261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "25474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25474"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10999",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"
},
{
"name": "RHSA-2007:0829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "BEA07-173.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA"
],
"url": "http://dev2dev.bea.com/pub/advisory/241"
},
{
"name": "23728",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23728"
},
{
"name": "ADV-2007-1814",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "26311",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26311"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
},
{
"name": "25283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25283"
},
{
"name": "35483",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35483"
},
{
"name": "GLSA-200705-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
},
{
"name": "ADV-2007-1598",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1598"
},
{
"name": "26369",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26369"
},
{
"name": "25413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25413"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "APPLE-SA-2007-12-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "RHSA-2007:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
},
{
"name": "25832",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25832"
},
{
"name": "ADV-2007-4224",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "GLSA-200706-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
},
{
"name": "102881",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"
},
{
"name": "javawebstart-classes-privilege-escalation(33984)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1017986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017986"
},
{
"name": "25069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25069"
},
{
"name": "28115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28115"
},
{
"name": "RHSA-2008:0261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "25474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25474"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10999",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"
},
{
"name": "RHSA-2007:0829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://docs.info.apple.com/article.html?artnum=307177",
"refsource": "MISC",
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "BEA07-173.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/241"
},
{
"name": "23728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23728"
},
{
"name": "ADV-2007-1814",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "26311",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26311"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
},
{
"name": "25283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25283"
},
{
"name": "35483",
"refsource": "OSVDB",
"url": "http://osvdb.org/35483"
},
{
"name": "GLSA-200705-23",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
},
{
"name": "ADV-2007-1598",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1598"
},
{
"name": "26369",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26369"
},
{
"name": "25413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25413"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "APPLE-SA-2007-12-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "RHSA-2007:0817",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
},
{
"name": "25832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25832"
},
{
"name": "ADV-2007-4224",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "GLSA-200706-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
},
{
"name": "102881",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"
},
{
"name": "javawebstart-classes-privilege-escalation(33984)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1017986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017986"
},
{
"name": "25069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25069"
},
{
"name": "28115",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28115"
},
{
"name": "RHSA-2008:0261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "25474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25474"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10999",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"
},
{
"name": "RHSA-2007:0829",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2435",
"datePublished": "2007-05-02T10:00:00",
"dateReserved": "2007-05-01T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3127 (GCVE-0-2006-3127)
Vulnerability from cvelistv5 – Published: 2006-06-21 23:00 – Updated: 2024-08-07 18:16
VLAI?
Summary
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:05.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18604",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18604"
},
{
"name": "102461",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
},
{
"name": "ADV-2007-1573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1573"
},
{
"name": "1016294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016294"
},
{
"name": "25048",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25048"
},
{
"name": "102896",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
},
{
"name": "FEDORA-2006-728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
},
{
"name": "20846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20846"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-06-27T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18604",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18604"
},
{
"name": "102461",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
},
{
"name": "ADV-2007-1573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1573"
},
{
"name": "1016294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016294"
},
{
"name": "25048",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25048"
},
{
"name": "102896",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
},
{
"name": "FEDORA-2006-728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
},
{
"name": "20846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20846"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18604"
},
{
"name": "102461",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
},
{
"name": "ADV-2007-1573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1573"
},
{
"name": "1016294",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016294"
},
{
"name": "25048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25048"
},
{
"name": "102896",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
},
{
"name": "FEDORA-2006-728",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
},
{
"name": "20846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20846"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3127",
"datePublished": "2006-06-21T23:00:00",
"dateReserved": "2006-06-21T00:00:00",
"dateUpdated": "2024-08-07T18:16:05.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0826 (GCVE-0-2004-0826)
Vulnerability from cvelistv5 – Published: 2004-09-02 04:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11015",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11015"
},
{
"name": "20040823 Netscape NSS Library Remote Compromise",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/180"
},
{
"name": "sslv2-client-hello-overflow(16314)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314"
},
{
"name": "SSRT4779",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109351293827731\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11015",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11015"
},
{
"name": "20040823 Netscape NSS Library Remote Compromise",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/180"
},
{
"name": "sslv2-client-hello-overflow(16314)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314"
},
{
"name": "SSRT4779",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109351293827731\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11015",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11015"
},
{
"name": "20040823 Netscape NSS Library Remote Compromise",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/180"
},
{
"name": "sslv2-client-hello-overflow(16314)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314"
},
{
"name": "SSRT4779",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109351293827731\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0826",
"datePublished": "2004-09-02T04:00:00",
"dateReserved": "2004-08-27T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2435 (GCVE-0-2007-2435)
Vulnerability from nvd – Published: 2007-05-02 10:00 – Updated: 2024-08-07 13:42
VLAI?
Summary
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "BEA07-173.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA",
"x_transferred"
],
"url": "http://dev2dev.bea.com/pub/advisory/241"
},
{
"name": "23728",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23728"
},
{
"name": "ADV-2007-1814",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "26311",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26311"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
},
{
"name": "25283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25283"
},
{
"name": "35483",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35483"
},
{
"name": "GLSA-200705-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
},
{
"name": "ADV-2007-1598",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1598"
},
{
"name": "26369",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26369"
},
{
"name": "25413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25413"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "APPLE-SA-2007-12-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "RHSA-2007:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
},
{
"name": "25832",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25832"
},
{
"name": "ADV-2007-4224",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "GLSA-200706-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
},
{
"name": "102881",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"
},
{
"name": "javawebstart-classes-privilege-escalation(33984)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1017986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017986"
},
{
"name": "25069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25069"
},
{
"name": "28115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28115"
},
{
"name": "RHSA-2008:0261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "25474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25474"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10999",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"
},
{
"name": "RHSA-2007:0829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "BEA07-173.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA"
],
"url": "http://dev2dev.bea.com/pub/advisory/241"
},
{
"name": "23728",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23728"
},
{
"name": "ADV-2007-1814",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "26311",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26311"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
},
{
"name": "25283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25283"
},
{
"name": "35483",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35483"
},
{
"name": "GLSA-200705-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
},
{
"name": "ADV-2007-1598",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1598"
},
{
"name": "26369",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26369"
},
{
"name": "25413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25413"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "APPLE-SA-2007-12-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "RHSA-2007:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
},
{
"name": "25832",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25832"
},
{
"name": "ADV-2007-4224",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "GLSA-200706-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
},
{
"name": "102881",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"
},
{
"name": "javawebstart-classes-privilege-escalation(33984)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1017986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017986"
},
{
"name": "25069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25069"
},
{
"name": "28115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28115"
},
{
"name": "RHSA-2008:0261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "25474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25474"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10999",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"
},
{
"name": "RHSA-2007:0829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://docs.info.apple.com/article.html?artnum=307177",
"refsource": "MISC",
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"name": "BEA07-173.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/241"
},
{
"name": "23728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23728"
},
{
"name": "ADV-2007-1814",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1814"
},
{
"name": "26311",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26311"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
},
{
"name": "25283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25283"
},
{
"name": "35483",
"refsource": "OSVDB",
"url": "http://osvdb.org/35483"
},
{
"name": "GLSA-200705-23",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
},
{
"name": "ADV-2007-1598",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1598"
},
{
"name": "26369",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26369"
},
{
"name": "25413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25413"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "APPLE-SA-2007-12-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
},
{
"name": "RHSA-2007:0817",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
},
{
"name": "25832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25832"
},
{
"name": "ADV-2007-4224",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"name": "GLSA-200706-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
},
{
"name": "102881",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"
},
{
"name": "javawebstart-classes-privilege-escalation(33984)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1017986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017986"
},
{
"name": "25069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25069"
},
{
"name": "28115",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28115"
},
{
"name": "RHSA-2008:0261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "25474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25474"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10999",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"
},
{
"name": "RHSA-2007:0829",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2435",
"datePublished": "2007-05-02T10:00:00",
"dateReserved": "2007-05-01T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3127 (GCVE-0-2006-3127)
Vulnerability from nvd – Published: 2006-06-21 23:00 – Updated: 2024-08-07 18:16
VLAI?
Summary
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:05.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18604",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18604"
},
{
"name": "102461",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
},
{
"name": "ADV-2007-1573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1573"
},
{
"name": "1016294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016294"
},
{
"name": "25048",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25048"
},
{
"name": "102896",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
},
{
"name": "FEDORA-2006-728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
},
{
"name": "20846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20846"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-06-27T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18604",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18604"
},
{
"name": "102461",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
},
{
"name": "ADV-2007-1573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1573"
},
{
"name": "1016294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016294"
},
{
"name": "25048",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25048"
},
{
"name": "102896",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
},
{
"name": "FEDORA-2006-728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
},
{
"name": "20846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20846"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18604"
},
{
"name": "102461",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
},
{
"name": "ADV-2007-1573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1573"
},
{
"name": "1016294",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016294"
},
{
"name": "25048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25048"
},
{
"name": "102896",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
},
{
"name": "FEDORA-2006-728",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
},
{
"name": "20846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20846"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3127",
"datePublished": "2006-06-21T23:00:00",
"dateReserved": "2006-06-21T00:00:00",
"dateUpdated": "2024-08-07T18:16:05.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0826 (GCVE-0-2004-0826)
Vulnerability from nvd – Published: 2004-09-02 04:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11015",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11015"
},
{
"name": "20040823 Netscape NSS Library Remote Compromise",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/180"
},
{
"name": "sslv2-client-hello-overflow(16314)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314"
},
{
"name": "SSRT4779",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109351293827731\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11015",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11015"
},
{
"name": "20040823 Netscape NSS Library Remote Compromise",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/180"
},
{
"name": "sslv2-client-hello-overflow(16314)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314"
},
{
"name": "SSRT4779",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109351293827731\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11015",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11015"
},
{
"name": "20040823 Netscape NSS Library Remote Compromise",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/180"
},
{
"name": "sslv2-client-hello-overflow(16314)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314"
},
{
"name": "SSRT4779",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109351293827731\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0826",
"datePublished": "2004-09-02T04:00:00",
"dateReserved": "2004-08-27T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}