CVE-2005-0836

Currently unrated

Key Information:

Vendor: Oracle
Status: J2se
Vendor: CVE Published:; 2 May 2005

Summary

Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-77-...

vendor-advisoryx_refsource_SUNALERT

http://marc.info/?l=full-disclosure&m=111117284323657&w=2

mailing-listx_refsource_FULLDISC

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

EPSS Score

28% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Mar 22, 2005