JNLP may overwrite system properties java.home
java.ext.dirs
user.home
Heap overflow and integer overflow on TrueType fonts parsing, memory corruption on GIF parsing, integer overflow on Pack200 decompression. Multiple sendbox protection bypass vulnerabilities.

CPENameOperatorVersion
jreeq1.6
openjdkeq6

CPE	Name	Operator	Version
	jre	eq	1.6
	openjdk	eq	6

References

vulners.com/securityvulns/securityvulns:doc:20949

vulners.com/securityvulns/securityvulns:doc:20953

vulners.com/securityvulns/securityvulns:doc:20954

vulners.com/securityvulns/securityvulns:doc:20955

vulners.com/securityvulns/securityvulns:doc:20956

vulners.com/securityvulns/securityvulns:doc:20957

vulners.com/securityvulns/securityvulns:doc:20958

vulners.com/securityvulns/securityvulns:doc:20967

vulners.com/securityvulns/securityvulns:doc:21257

vulners.com/securityvulns/securityvulns:doc:21720

openvas 51

ubuntu 1

nessus 38

securityvulns 2

fedora 2

redhat 7

seebug 7

suse 3

prion 12

vmware 2

nvd 12

cvelist 12

cve 12

ubuntucve 12

saint 4

zdi 1

canvas 2

packetstorm 2

checkpoint_advisories 5

exploitpack 2

metasploit 1

threatpost 3

symantec 1

exploitdb 4

oracle 1

openvas

Ubuntu: Security Advisory (USN-713-1)

2009-02-02 00:00:00

Ubuntu USN-713-1 (openjdk-6)

2009-02-02 00:00:00

Fedora Update for java-1.6.0-openjdk FEDORA-2008-10913

2009-02-16 00:00:00

ubuntu

openjdk-6 vulnerabilities

2009-01-27 00:00:00

nessus

Ubuntu 8.10 : OpenJDK vulnerabilities (USN-713-1)

2009-04-23 00:00:00

Fedora 10 : java-1.6.0-openjdk-1.6.0.0-7.b12.fc10 (2008-10913)

2009-04-23 00:00:00

Fedora 9 : java-1.6.0-openjdk-1.6.0.0-0.20.b09.fc9 (2008-10860)

2008-12-08 00:00:00

securityvulns

[USN-713-1] openjdk-6 vulnerabilities

2009-01-31 00:00:00

[Full-disclosure] CVE-2008-2086: Java Web Start File Inclusion via System Properties Override

2008-12-04 00:00:00

fedora

[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-7.b12.fc10

2008-12-07 04:33:22

[SECURITY] Fedora 9 Update: java-1.6.0-openjdk-1.6.0.0-0.20.b09.fc9

2008-12-07 04:27:51

redhat

(RHSA-2009:0015) Critical: java-1.6.0-ibm security update

2009-01-13 00:00:00

(RHSA-2009:0466) Low: java-1.5.0-ibm security update

2009-05-07 00:00:00

(RHSA-2008:1018) Critical: java-1.6.0-sun security update

2008-12-04 00:00:00

seebug

Sun Java JDK/JRE安全更新修复多个漏洞

2008-12-09 00:00:00

Mac OS X - Java applet Remote Deserialization Remote PoC (updated)

2014-07-01 00:00:00

Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserialization Exploit

2008-12-03 00:00:00

suse

remote code execution in Sun Java

2009-01-09 15:49:38

remote code execution in IBM Java 1.4.2 and 6

2009-04-07 14:51:07

local privilege escalation in IBMJava5-JRE,java-1_5_0-ibm

2009-01-29 14:08:00

prion

Design/Logic Flaw

2008-12-05 11:30:00

Security feature bypass

2008-12-05 11:30:00

Security feature bypass

2008-12-05 11:30:00

vmware

VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues

2009-10-16 00:00:00

VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues

2009-10-16 00:00:00

nvd

CVE-2008-5347

2008-12-05 11:30:00

CVE-2008-5350

2008-12-05 11:30:00

CVE-2008-5349

2008-12-05 11:30:00

cvelist

CVE-2008-5347

2008-12-05 11:00:00

CVE-2008-5358

2008-12-05 11:00:00

CVE-2008-5349

2008-12-05 11:00:00

cve

CVE-2008-5358

2008-12-05 11:30:00

CVE-2008-5347

2008-12-05 11:30:00

CVE-2008-5349

2008-12-05 11:30:00

ubuntucve

CVE-2008-5358

2008-12-05 00:00:00

CVE-2008-5347

2008-12-05 00:00:00

CVE-2008-5349

2008-12-05 00:00:00

saint

Java Runtime Environment JAR manifest Main Class buffer overflow

2009-02-26 00:00:00

Java Runtime Environment JAR manifest Main Class buffer overflow

2009-02-26 00:00:00

Java Runtime Environment JAR manifest Main Class buffer overflow

2009-02-26 00:00:00

zdi

Sun Java AWT Library Sandbox Violation Vulnerability

2008-12-04 00:00:00

canvas

Immunity Canvas: JAVA_DESERIALIZE

2008-12-05 06:30:00

Immunity Canvas: JAVA_DESERIALIZE_WIN32

2008-12-05 11:30:00

packetstorm

Sun Java Calendar Deserialization

2009-10-27 00:00:00

Signed Applet Social Engineering Code Exec

2010-02-05 00:00:00

checkpoint_advisories

Sun Java Runtime Environment JAR File Processing Stack Buffer Overflow (CVE-2008-5354)

2010-07-13 00:00:00

Sun Java Web Start Splashscreen GIF Decoding Buffer Overflow - Improved Performance (CVE-2008-2086)

2013-05-16 00:00:00

Sun Java Runtime Environment Abstract Windowing Toolkit Memory Corruption (CVE-2008-5359)

2010-06-23 00:00:00

exploitpack

Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization (Metasploit)

2008-12-03 00:00:00

Apple Mac OSX - Java applet Remote Deserialization Remote (2)

2009-05-20 00:00:00

metasploit

Sun Java Calendar Deserialization Privilege Escalation

2009-12-15 20:37:15

threatpost

Chorus Grows Louder to Disable Java 7 After Exploit Hits Mainstream

2012-08-30 02:03:14

Serious Mac OS X Java vulnerability disclosed

2009-05-20 17:37:46

Java Still a Favorite Target of Attackers

2011-11-30 19:39:18

symantec

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities

2008-12-03 00:00:00

exploitdb

Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization (Metasploit)

2008-12-03 00:00:00

Apple Mac OSX - Java applet Remote Deserialization Remote (2)

2009-05-20 00:00:00

Sun Java - Calendar Deserialization (Metasploit)

2010-09-20 00:00:00

oracle

cpuapr2009.html

2009-04-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.971 High

EPSS

Percentile

99.8%

JSON

Related for SECURITYVULNS:VULN:9483