Search Results (Refine Search)
- CPE Product Version: cpe:/a:sun:jre:1.4.2:update4
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2004-2764 |
Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing." Published: June 02, 2009; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2006-0616 |
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue." Published: February 08, 2006; 9:02:00 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2004-1029 |
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. Published: March 01, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2004-2540 |
readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data. Published: December 31, 2004; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |