Vulnerabilities > SUN > JDK > 1.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-12-05 | CVE-2008-5345 | Unspecified vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors. | 7.5 |
| 2008-07-09 | CVE-2008-3108 | Buffer Errors vulnerability in SUN Jdk, JRE and SDK Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing. | 10.0 |
| 2008-07-09 | CVE-2008-3104 | Permissions, Privileges, and Access Controls vulnerability in SUN Jdk, JRE and SDK Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet. | 6.8 |
| 2008-03-06 | CVE-2008-1196 | Buffer Errors vulnerability in SUN Jdk, JRE and SDK Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file. | 6.8 |
| 2008-03-06 | CVE-2008-1195 | 7PK - Security Features vulnerability in multiple products Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs. | 9.3 |
| 2008-03-06 | CVE-2008-1194 | Unspecified vulnerability in SUN JDK and JRE Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors. network sun | 4.3 |
| 2008-03-06 | CVE-2008-1193 | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application. | 9.3 |
| 2008-03-06 | CVE-2008-1192 | 7PK - Security Features vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors. | 6.8 |
| 2008-03-06 | CVE-2008-1191 | Unspecified vulnerability in SUN JDK and JRE Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue." network sun | 6.8 |
| 2008-03-06 | CVE-2008-1190 | Permissions, Privileges, and Access Controls vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue. | 9.3 |