Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-3875 |
The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503. Published: November 05, 2009; 11:30:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2008-1191 |
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue." Published: March 06, 2008; 4:44:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |