Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:sun:jdk:1.3.1:-:*:*:*:*:*:*
  • CPE Name Search: true
There are 50 matching records.
Displaying matches 41 through 50.
Vuln ID Summary CVSS Severity
CVE-2010-0844

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory.

Published: April 01, 2010; 12:30:01 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0842

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.

Published: April 01, 2010; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0839

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Published: April 01, 2010; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0088

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.

Published: April 01, 2010; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-0087

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Published: April 01, 2010; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0085

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088.

Published: April 01, 2010; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2010-0082

Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Published: April 01, 2010; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2009-1190

Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540.

Published: April 27, 2009; 6:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2008-1191

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."

Published: March 06, 2008; 4:44:00 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-0657

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Published: February 07, 2008; 4:00:00 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH