| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-5342 | 6.4 |
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and ov
|
13-02-2023 - 02:18 | 27-12-2007 - 22:46 | |
| CVE-2007-5333 | 5.0 |
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as se
|
13-02-2023 - 02:18 | 12-02-2008 - 01:00 | |
| CVE-2008-1189 | 6.8 |
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka
|
31-07-2019 - 12:47 | 06-03-2008 - 21:44 | |
| CVE-2008-1188 | 9.3 |
Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml
|
31-07-2019 - 12:45 | 06-03-2008 - 21:44 | |
| CVE-2008-1194 | 4.3 |
Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.
|
31-07-2019 - 12:44 | 06-03-2008 - 21:44 | |
| CVE-2008-1196 | 6.8 |
Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.
|
31-07-2019 - 12:43 | 06-03-2008 - 21:44 | |
| CVE-2008-1193 | 9.3 |
Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.
|
31-07-2019 - 12:41 | 06-03-2008 - 21:44 | |
| CVE-2008-1190 | 9.3 |
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-200
|
31-07-2019 - 12:40 | 06-03-2008 - 21:44 | |
| CVE-2008-1195 | 9.3 |
Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via uns
|
31-07-2019 - 12:38 | 06-03-2008 - 21:44 | |
| CVE-2008-1192 | 6.8 |
Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "exe
|
31-07-2019 - 12:36 | 06-03-2008 - 21:44 | |
| CVE-2008-1185 | 9.3 |
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted applicatio
|
31-07-2019 - 12:35 | 06-03-2008 - 21:44 | |
| CVE-2008-1186 | 9.3 |
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a differen
|
31-07-2019 - 12:35 | 06-03-2008 - 21:44 | |
| CVE-2007-6286 | 4.3 |
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recen
|
25-03-2019 - 11:29 | 12-02-2008 - 01:00 | |
| CVE-2007-5461 | 3.5 |
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write reque
|
25-03-2019 - 11:29 | 15-10-2007 - 18:17 | |
| CVE-2007-5232 | 4.0 |
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violat
|
30-10-2018 - 16:26 | 05-10-2007 - 23:17 | |
| CVE-2007-5236 | 5.4 |
Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files vi
|
30-10-2018 - 16:26 | 06-10-2007 - 00:17 | |
| CVE-2007-5274 | 2.6 |
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate
|
30-10-2018 - 16:26 | 08-10-2007 - 23:17 | |
| CVE-2007-5240 | 5.0 |
Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circum
|
30-10-2018 - 16:26 | 06-10-2007 - 00:17 | |
| CVE-2007-5238 | 2.6 |
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attacker
|
30-10-2018 - 16:26 | 06-10-2007 - 00:17 | |
| CVE-2007-5689 | 10.0 |
The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary
|
30-10-2018 - 16:26 | 29-10-2007 - 19:46 | |
| CVE-2007-5239 | 4.0 |
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (
|
30-10-2018 - 16:26 | 06-10-2007 - 00:17 | |
| CVE-2008-1187 | 6.8 |
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrar
|
29-09-2017 - 01:30 | 06-03-2008 - 21:44 | |
| CVE-2008-0657 | 10.0 |
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as dem
|
29-09-2017 - 01:30 | 07-02-2008 - 21:00 | |
| CVE-2008-1191 | 6.8 |
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."
|
29-09-2017 - 01:30 | 06-03-2008 - 21:44 | |
| CVE-2007-5237 | 7.1 |
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka "two vulne
|
29-09-2017 - 01:29 | 06-10-2007 - 00:17 |