Jdk

jdk

Vendor: Sun • 392 CVEs

CVEs (392)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-3906 1Sun 2Jdk Jre Apr 16, 2026 Nov 30, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or ex...Show more Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vulnerabilities than CVE-2005-3905. NOTE: this is associated with the "second and third issues" identified in SUNALERT:102003.Show less
CVE-2005-3905 1Sun 2Jdk Jre Apr 16, 2026 Nov 30, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrar...Show more Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a different vulnerability than CVE-2005-3906. NOTE: this is associated with the "first issue" identified in SUNALERT:102003.Show less
CVE-2005-3904 1Sun 2Jdk Jre Apr 16, 2026 Nov 30, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute ar...Show more Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors.Show less
CVE-2005-0471 1Sun 2Jdk Jre Apr 16, 2026 Mar 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locati...Show more Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names.Show less
CVE-2004-1029 5Conectiva GentooHp+2 more 8Enterprise Firewall Gateway Security 5400Hp Ux+5 more Apr 16, 2026 Mar 1, 2005 N/A· v4 N/A· v3 9.3 HIGH· v2 The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allo...Show more The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.Show less
CVE-2004-2540 1Sun 2Jdk Jre Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.
CVE-2003-1156 1Sun 2Jdk Jre Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .m...Show more Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program.Show less
CVE-2003-1123 1Sun 2Jdk Jre Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.
CVE-2002-0076 3Hp MicrosoftSun 5Java Jre Jdk JdkJre+2 more Apr 16, 2026 Mar 19, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earl...Show more Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.Show less
CVE-2002-0058 2Microsoft Sun 4Jdk JreSdk+1 more Apr 16, 2026 Mar 15, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another serv...Show more Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK.Show less
CVE-2001-1480 2Apple Sun 4Jdk JreMac Os Runtime For Java+1 more Apr 16, 2026 Dec 31, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.
CVE-2000-1099 1Sun 1Jdk Apr 16, 2026 Jan 9, 2001 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthor...Show more Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities.Show less

Previous 1...16 17 18 1920