Argument Injection Vulnerability in Java Web Start for J2SE on Mac OS X
CVE-2005-0418

Currently unrated

Key Information:

Vendor: Oracle
Status: J2se
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-0418?

An argument injection vulnerability exists in Java Web Start for J2SE 1.4.2 up to version 1.4.2_06 on Mac OS X. This allows untrusted applications to manipulate the value parameter within a property tag in JNLP files, potentially leading to unauthorized privilege escalation. This security flaw underscores the importance of validating application parameters to protect systems from exploitation by malicious entities.

References

http://lists.apple.com/archives/security-announce/2005/Ma...

vendor-advisoryx_refsource_APPLE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Feb 15, 2005

Oracle

What is CVE-2005-0418?

References

Timeline