Search Results (Refine Search)
- CPE Product Version: cpe:/a:sun:jre:1.3.1:update12
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-0012 |
Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a NULL pointer dereference in jpiexp32.dll when the applet is decoded and passed to the JVM. Published: January 09, 2008; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-5689 |
The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves. Published: October 29, 2007; 3:46:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |