Vulnerabilities allow remote attackers to bypass sandbox restrictions on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The first vulnerability results in a cache location and a user name information disclosure. By accessing the SI_FILEDIR property of a SingleInstanceImpl class, the location of the temporary single instance files can be parsed to discover the user name and cache location. The second vulnerability allows applets to read any file on a victim's filesystem, outside of the restricted path of the applet. The specific flaw exists in the handling of the file: protocol assigned to an applet codebase. If the codebase points to the local filesystem, any file is then readable by the malicious applet. The third vulnerability allows JNLP files to bypass socket restrictions. By loading a secondary JNLP with an href attribute containing a wildcard. When this object is instantiated, all hosts are eligible for socket connect and accept.
d98e1dfc94f89c028e1e534faf3a6fbb43671a819316602382d9df596a4e9b36
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page. The specific flaw occurs within the Java AWT library. If a custom image model is used for the source 'Raster' during a conversion through a 'ConvolveOp' operation, the imaging library will calculate the size of the destination raster for the conversion incorrectly leading to a heap-based overflow. This can result in arbitrary code execution under the context of the current user.
69fedebd39ae5325af19cf3b911107a594218eaf78e8854814af705e0eb836e1
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing a malformed XML tag, the application does not allocate enough space for it's contents. During copying of this to the newly allocated buffer, the application will overwrite heap structures with attacker-supplied data that can then be leveraged to achieve code execution with the privileges of the application.
64031b7963a8183849481e9b4f497d24a2a4b9e9c4d0c42051491727813240a3
A vulnerability allows remote attackers to potentially execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing specially formulated xml, the application will corrupt an internal data structure. Whilst deallocating this data structure, the application can be tricked into freeing a single allocated chunk multiple times, which can potentially lead to code execution.
0a3bb0651dccdaccf0dce67e0c5fad1b2a93d2ec1c4babc22f0814d43b035077
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tooltip processing code for Trillian. When creating a tooltip for an image, the application generates an XML tag including a property containing the filename. This data is then copied directly into a stack-based buffer without any length verifications which can eventually lead to code execution with the privileges of the client.
ccf4a13dfd890cabd4e17cd20131ee7971a15f2f9efbd2d2ff84366a9eea1e91
My Simple Forum version 3.0 suffers from a local file inclusion vulnerability in index.php.
087f22aefba1d484e3cc7328edbd920504a7c81aa672439c5e20d34d43cb62a9
Icxbbportal version 0.1 Alpha 2 suffers from a remote file inclusion vulnerability.
95cbadee3b0733127b4f0c823cd643fdfad41516dcfc1b0246c034b4058133ad
Easy News Content Management suffers from a database disclosure vulnerability.
2ca5a0116a43c40d906d547fa33f3a52fb9e5bfa7b7aafdd2da8e3f796104ff3
Ubuntu Security Notice USN-687-1 - It was discovered that nfs-utils did not properly enforce netgroup restrictions when using TCP Wrappers. Remote attackers could bypass the netgroup restrictions enabled by the administrator and possibly gain access to sensitive information.
0e029fa8bda37ed3cf0f9126cfa820ca959375ddc18ac3877aac2310186972bd
iDefense Security Advisory 12.02.08 - Remote exploitation of an integer overflow vulnerability in Sun Microsystems Inc.'s Java JRE could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists within the font parsing code in the JRE. As part of its font API, the JRE provides the ability to load a font from a remote URL. Various types of fonts are supported, one of which is the TrueType format font. The vulnerability occurs when parsing various structures in TrueType font files. During parsing, values are taken from the file, and without being properly validated, used in operations that calculate the number of bytes to allocate for heap buffers. The calculations can overflow, resulting in a potentially exploitable heap overflow. iDefense has confirmed the existence of this vulnerability in Sun Microsystem Inc.'s Java JRE version 1.6.0_05 for Windows. Previous versions may also be affected.
f6138bd9306284a73b3be3d7781e778c2de99c2305f7e7bac167538fec90f7e1