• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities

References:

• [Security-announce] VMSA-2009-0014 VMware ESX patches for DHCP, Service Console (VMware)
  
• Critical Mac OS X Java Vulnerabilities (landonf)
  
• Java Homepage (Sun)
  
• Java SE 6 Update 11 Release Notes (Sun)
  
• Javaâ?¢ 2 Platform Standard Edition Development Kit 5.0 Update 17 (Sun)
  
• Write once, own everyone, Java deserialization issues (Julien Tinnes)
  
• [security bulletin] HPSBMA02445 SSRT090058 rev.1 - HP Serviceguard Manager, Remo (security-alert@hp.com)
  
• Hardening OSX against CVE-2008-5353 (Marc Schoenefeld )
  
• HPSBUX02429 SSRT090058 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary (security-alert@hp.com)
  
• iDefense Security Advisory 12.04.08: Sun Java JRE Pack200 Decompression Integer (iDefense Labs )
  
• iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Heap Ove (iDefense Labs )
  
• iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Integer (iDefense Labs )
  
• iDefense Security Advisory 12.04.08: Sun Java Web Start GIF Decoding Memory Corr (iDefense Labs )
  
• Solution 244991 : A Security Vulnerability in the Java Runtime Environment ( (Sun)
  
• ASA-2008-484 - The Java Runtime Environment Creates Temporary Files That Have 'G (Avaya)
  
• ASA-2008-485 - Java Runtime Environment (JRE) Buffer Overflow Vulnerabilities in (Avaya)
  
• ASA-2008-487 - A Buffer Overflow Vulnerability in the Java Runtime Environment ( (Avaya)
  
• ASA-2008-498 - A Security Vulnerability in Java Runtime Environment (JRE) With P (Avaya)
  
• ASA-2009-084 HPSBUX02411 SSRT080111 rev.1 - HP-UX Running Java, Remote Execution (Avaya)
  
• ASA-2009-229 HPSBUX02429 SSRT090058 rev.1 - HP-UX Running Java, Remote Execution (Avaya)
  
• Mac OS X Includes Known Vulnerable Version of Java (US-CERT)
  
• Nortel Response to Sun Java Runtime Environment and Java Development Kit Multipl (Nortel Networks)
  
• RHSA-2009:1551-1 java-1.4.2-ibm security update (Red Hat)
  
• Solution 244990 : A Buffer Overflow Vulnerability in the Java Runtime Environ (Sun)
  
• Solution 244992 : A Buffer Overflow Vulnerability in the Java Runtime Environ (Sun)
  
• Solution 245246 : The Java Runtime Environment UTF-8 Decoder May Allow Multip (Sun)
  
• Solution 246266 : Security Vulnerability in Java Runtime Environment May Allo (Sun)
  
• Solution 246286 : Security Vulnerability in the Java Runtime Environment With (Sun)
  
• Solution 246346 : A Security Vulnerability in Java Runtime Environment (JRE) (Sun)
  
• Solution 246366 : Security Vulnerabilities in the Java Runtime Environment (J (Sun)
  
• Solution 246386 : A Security Vulnerability in Java Runtime Environment (JRE) (Sun)
  
• Solution 246387 : A Security Vulnerability in the Java Runtime Environment ma (Sun)
  
• Solution 244986: The Java Runtime Environment Creates Temporary Files That Have (Sun)
  
• Solution 244987: Java Runtime Environment (JRE) Buffer Overflow Vulnerabilitie (Sun)
  
• Solution 244989: The Java Runtime Environment (JRE) 'Java Update' Mechanism Does (Sun)
  
• Sun Java AWT Library Sandbox Violation Vulnerability (ZDI)
  
• Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability (iDefense)
  
• Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability (iDefense)
  
• Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability (iDefense)
  
• Sun Java Web Start GIF Decoding Memory Corruption Vulnerability (iDefense)