U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*
  • CPE Name Search: true
There are 210 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2012-1716

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.

Published: June 16, 2012; 5:55:03 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0507

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

Published: June 07, 2012; 6:55:17 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0506

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA.

Published: February 15, 2012; 5:55:01 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-0505

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.

Published: February 15, 2012; 5:55:01 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-0503

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n.

Published: February 15, 2012; 5:55:01 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-0502

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT.

Published: February 15, 2012; 5:55:01 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2012-0501

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors.

Published: February 15, 2012; 5:55:01 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-0499

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Published: February 15, 2012; 5:55:00 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0498

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Published: February 15, 2012; 5:55:00 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-3563

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound.

Published: February 15, 2012; 5:55:00 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2011-3560

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity, related to JSSE.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2011-3557

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3556

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-3554

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-3552

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2011-3549

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-3548

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-3547

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2011-3545

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-3521

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deserialization.

Published: October 19, 2011; 5:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH