The OVAL Repository5.102015-09-03T11:12:54.737-04:00Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDThe Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDThe DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue."Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDDouble free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue."Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDBuffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDAdobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDSun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDHeap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDJava Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDInteger overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDAdobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDOpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.Red Hat Enterprise Linux 3Red Hat Enterprise Linux 4Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDThe operating system installed on the system is Red Hat Enterprise Linux 3Red Hat Enterprise Linux 3The operating system installed on the system is Red Hat Enterprise Linux 3.Aharon CherninDRAFTINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDHeap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDJava Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka "three vulnerabilities."Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka "three vulnerabilities."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDInteger overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDHeap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDCRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDStack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues."Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUntrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDDirectory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue."Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDBuffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDAdobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDSun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDInteger overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthorized operations" via unspecified vectors.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthorized operations" via unspecified vectors.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDSun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273. NOTE: this is similar to CVE-2007-5232.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273. NOTE: this is similar to CVE-2007-5232.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDThe BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux systems, allows remote attackers to cause a denial of service (JVM hang) via untrusted applets or applications that open arbitrary local files via a crafted BMP file, such as /dev/tty.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux systems, allows remote attackers to cause a denial of service (JVM hang) via untrusted applets or applications that open arbitrary local files via a crafted BMP file, such as /dev/tty.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDVisual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDThe Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDThe Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.4.2_14, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.4.2_14, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDStack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.Red Hat Enterprise Linux 4Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDThe operating system installed on the system is Red Hat Enterprise Linux 4Red Hat Enterprise Linux 4The operating system installed on the system is Red Hat Enterprise Linux 4.Aharon CherninDRAFTINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDMultiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDAdobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDStack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDSun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDMultiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function. NOTE: some of these details are obtained from third party information.Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function. NOTE: some of these details are obtained from third party information.Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDAdobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."Red Hat Enterprise Linux Extras 3Red Hat Enterprise Linux Extras 4Red Hat Enterprise Linux Extras 5Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."Aharon CherninDRAFTINTERIMACCEPTEDACCEPTEDacroread-libs-pangoacroread-libs-glib2acroread-libs-gtk2acroread-libs-atkacroread-libs-gtk2-enginesopenssl-developensslopenssl096bopenssl-perlredhat-releaseRealPlayerrealplayerHelixPlayerjava-1.5.0-beajava-1.6.0-bea-missioncontroljava-1.6.0-bea-jdbcjava-1.4.2-bea-missioncontroljava-1.6.0-bea-srcjava-1.5.0-bea-srcjava-1.4.2-bea-srcjava-1.4.2-bea-jdbcjava-1.4.2-bea-demojava-1.5.0-bea-jdbcjava-1.6.0-bea-develjava-1.6.0-bea-demojava-1.5.0-ibm-accessibilityjava-1.5.0-bea-demojava-1.6.0-beajava-1.4.2-beajava-1.5.0-bea-develjava-1.5.0-bea-missioncontroljava-1.4.2-bea-develjava-1.6.0-sun-demojava-1.6.0-sun-jdbcjava-1.6.0-sun-pluginjava-1.6.0-sunjava-1.6.0-sun-srcjava-1.6.0-sun-develflash-pluginjava-1.6.0-ibm-pluginjava-1.6.0-ibm-javacommjava-1.6.0-ibm-srcjava-1.6.0-ibm-accessibilityjava-1.6.0-ibm-demojava-1.5.0-sun-develjava-1.6.0-ibm-jdbcjava-1.5.0-sunjava-1.6.0-ibmjava-1.6.0-ibm-develjava-1.5.0-sun-pluginjava-1.5.0-sun-jdbcjava-1.5.0-sun-demojava-1.5.0-sun-srcjava-1.5.0-ibm-pluginjava-1.5.0-ibmjava-1.5.0-ibm-develjava-1.5.0-ibm-demojava-1.4.2-ibm-srcjava-1.4.2-ibmjava-1.4.2-ibm-demojava-1.4.2-ibm-develjava-1.5.0-ibm-jdbcjava-1.4.2-ibm-pluginjava-1.4.2-ibm-jdbcjava-1.5.0-ibm-srcjava-1.4.2-ibm-javacommjava-1.5.0-ibm-javacommacroreadacroread-pluginredhat-release0:1.6.0-1.el30:2.4.7-10:2.4.13-1.el30:7.0.9-1.1.1.EL30:1.8.0-1.el30:7.0.9-1.2.0.EL40:2.2.0-1.el3^3\D.+$0:0.9.6b-16.430:0.9.7a-33.180:0.9.6b-22.430:0.9.7a-43.110:9.0.48.0-1.el3.with.oss0:9.0.48.0-1.el50:9.0.48.0-1.el40:7.0.69-1.el40:7.0.69-1.el31:1.5.0.4-1jpp.3.el50:1.4.2.8-1jpp.1.el50:1.4.2.8-1jpp.1.el31:1.5.0.4-1jpp.3.el40:1.4.2.8-1jpp.1.el40:9.0.124.0-1.el40:9.0.124.0-1.el50:9.0.124.0-1.el3.with.oss0:1.4.2.9-1jpp.1.el30:1.4.2.9-1jpp.1.el50:1.4.2.9-1jpp.1.el4^4\D.+$0:10.0.9-3.el50:10.0.9-20:10.0.9-0.rhel3.41:1.0.6-0.EL4.2.0.20:1.5.0.12-1jpp.2.el40:1.5.0.14-1jpp.1.el50:1.5.0.14-1jpp.1.el41:1.5.0.6-1jpp.1.el50:1.5.0.13-1jpp.1.el40:1.5.0.13-1jpp.1.el51:1.5.0.6-1jpp.2.el40:1.4.2.16-1jpp.1.el40:1.4.2.10-1jpp.2.el50:1.4.2.16-1jpp.1.el30:1.4.2.10-1jpp.2.el40:1.4.2.10-1jpp.2.el30:1.4.2.16-1jpp.1.el50:1.5.0.11-1jpp.2.el41:1.5.0.5-1jpp.2.el40:1.5.0.11-1jpp.1.el51:1.5.0.5-1jpp.0.1.el50:1.4.2.16-1jpp.2.el50:1.4.2.16-1jpp.2.el30:1.5.0.14-1jpp.2.el41:1.6.0.03-1jpp.2.el50:1.5.0.7-1jpp.2.el40:1.5.0.14-1jpp.2.el50:1.5.0.7-1jpp.2.el50:1.4.2.16-1jpp.4.el40:1.5.0.16-1jpp.2.el50:1.5.0.16-1jpp.2.el41:1.6.0.7-1jpp.1.el50:9.0.115.0-1.el3.with.oss0:9.0.115.0-1.el50:9.0.115.0-1.el40:1.6.0.1-1jpp.2.el50:1.5.0.15-1jpp.2.el50:1.5.0.15-1jpp.2.el40:1.4.2.7-1jpp.4.el30:1.4.2.7-1jpp.4.el41:1.5.0.3-1jpp.3.el40:8.1.2-1.el4.20:8.1.2-1.el3.60:8.1.2-1.el5.3^5[^[:digit:]]^3[^[:digit:]]^4[^[:digit:]]