Vulnerabilities > SUN > JRE > 6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-03 | CVE-2012-1695 | Remote Security vulnerability in Oracle JRockit Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |
2009-08-05 | CVE-2009-2675 | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression. | 10.0 |
2009-08-05 | CVE-2009-2674 | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow. | 7.5 |
2009-08-05 | CVE-2009-2673 | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword. | 7.5 |
2009-08-05 | CVE-2009-2672 | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors. | 7.5 |
2009-08-05 | CVE-2009-2671 | Privilege Escalation vulnerability in SUN JDK and JRE The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors. | 5.0 |
2009-08-05 | CVE-2009-2670 | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties. | 5.0 |
2009-04-15 | CVE-2009-1006 | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |
2008-12-05 | CVE-2008-5358 | Buffer Errors vulnerability in SUN JDK and JRE Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll. | 9.3 |
2008-12-05 | CVE-2008-5356 | Buffer Errors vulnerability in SUN Jdk, JRE and SDK Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file. | 9.3 |