Fri, 26 Feb 2010 03:54:52 -0800 6887703: Unsigned applet can retrieve the dragged information before drop action occur
denis [Fri, 26 Feb 2010 03:54:52 -0800] rev 5192
6887703: Unsigned applet can retrieve the dragged information before drop action occur Reviewed-by: uta
Mon, 22 Feb 2010 14:33:19 -0800 6902299: Java JAR "unpack200" must verify input parameters
ksrini [Mon, 22 Feb 2010 14:33:19 -0800] rev 5191
6902299: Java JAR "unpack200" must verify input parameters Summary: Added several checks for addition of values before memory allocation Reviewed-by: asaha
Fri, 19 Feb 2010 22:30:52 +0300 6899653: Sun Java Runtime CMM readMabCurveData Buffer Overflow Vulnerability
bae [Fri, 19 Feb 2010 22:30:52 +0300] rev 5190
6899653: Sun Java Runtime CMM readMabCurveData Buffer Overflow Vulnerability Reviewed-by: prr, hawtin
Wed, 17 Feb 2010 13:32:26 +0300 6909597: Sun Java Runtime Environment JPEGImageReader stepX Integer Overflow Vulnerability
bae [Wed, 17 Feb 2010 13:32:26 +0300] rev 5189
6909597: Sun Java Runtime Environment JPEGImageReader stepX Integer Overflow Vulnerability Reviewed-by: igor
Wed, 17 Feb 2010 13:10:26 +0300 6914823: Java AWT Library Invalid Index Vulnerability
bae [Wed, 17 Feb 2010 13:10:26 +0300] rev 5188
6914823: Java AWT Library Invalid Index Vulnerability Reviewed-by: flar, hawtin
Wed, 17 Feb 2010 12:49:41 +0300 6914866: Sun JRE ImagingLib arbitrary code execution vulnerability
bae [Wed, 17 Feb 2010 12:49:41 +0300] rev 5187
6914866: Sun JRE ImagingLib arbitrary code execution vulnerability Reviewed-by: prr, hawtin
Tue, 12 Jan 2010 12:13:48 +0000 6910590: Application can modify command array, in ProcessBuilder
michaelm [Tue, 12 Jan 2010 12:13:48 +0000] rev 5186
6910590: Application can modify command array, in ProcessBuilder Summary: clone array returned by List.toArray() Reviewed-by: chegar, alanb
Tue, 22 Dec 2009 17:56:58 +0300 6904691: Java Applet Trusted Methods Chaining Privilege Escalation Vulnerability
malenkov [Tue, 22 Dec 2009 17:56:58 +0300] rev 5185
6904691: Java Applet Trusted Methods Chaining Privilege Escalation Vulnerability Reviewed-by: hawtin, peterz
Fri, 18 Dec 2009 09:09:12 -0500 6904162: Add new VeriSign root CA certificates to JRE and remove some old/unused ones
mullan [Fri, 18 Dec 2009 09:09:12 -0500] rev 5184
6904162: Add new VeriSign root CA certificates to JRE and remove some old/unused ones Reviewed-by: asaha
Tue, 08 Dec 2009 15:58:49 -0500 6633872: Policy/PolicyFile leak dynamic ProtectionDomains.
mullan [Tue, 08 Dec 2009 15:58:49 -0500] rev 5183
6633872: Policy/PolicyFile leak dynamic ProtectionDomains. Reviewed-by: hawtin
(0) -3000 -1000 -300 -100 -10 +10 +100 +300 +1000 +3000 +10000 +30000 tip