CVE search results

251 – 260 of 343 results

Detailed view

Sort by:

CVE-2009-2720

Low priority

Some fixes available 4 of 9

Unspecified vulnerability in the javax.swing.plaf.synth.SynthContext.isSubregion method in the Swing implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service...

3 affected packages

openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-2719

Low priority

Some fixes available 4 of 9

The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException) via a crafted .jnlp file, as demonstrated by...

3 affected packages

openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-2718

Medium priority

Some fixes available 4 of 9

The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier...

3 affected packages

openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-2717

Medium priority

Not affected

The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on Windows 2000 Professional does not provide a Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into...

4 affected packages

java, openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
java	—	—	—	—
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-2716

Medium priority

Some fixes available 4 of 9

The plugin functionality in Sun Java SE 6 before Update 15 does not properly implement version selection, which allows context-dependent attackers to leverage vulnerabilities in "old zip and certificate handling" and have...

3 affected packages

openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-2690

Medium priority

Some fixes available 7 of 12

The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or...

3 affected packages

openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-2689

Medium priority

Some fixes available 7 of 12

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass...

3 affected packages

openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-2476

Medium priority

Some fixes available 7 of 10

The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by...

4 affected packages

java, openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
java	—	—	—	—
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-2475

Medium priority

Some fixes available 7 of 12

Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword,...

4 affected packages

sun-java5, java, openjdk-6, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sun-java5	—	—	—	—
java	—	—	—	—
openjdk-6	—	—	—	—
sun-java6	—	—	—	—

CVE-2009-1896

Medium priority

Some fixes available 3 of 6

The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which...

3 affected packages

openjdk-6, sun-java5, sun-java6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openjdk-6	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

Export to JSON

Results by page:

Search CVE reports