Sun: >> Java Enterprise System Security Vulnerabilities
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
CVSS Score
10.0
EPSS Score
0.034
Published
2007-05-02
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
CVSS Score
7.8
EPSS Score
0.017
Published
2006-06-21
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVSS Score
7.5
EPSS Score
0.03
Published
2004-12-31