Java Web Start Argument Injection Vulnerability Affecting J2SE by Sun Microsystems
CVE-2005-0836

Currently unrated

Key Information:

Vendor

Oracle
Status
J2se
Vendor
CVE Published:
2 May 2005

What is CVE-2005-0836?

An argument injection vulnerability exists in Java Web Start for J2SE 1.4.2 up to version 1.4.2_06, which allows untrusted applications to exploit the value parameter of a property tag within a JNLP file to gain elevated privileges. This flaw can lead to unauthorized execution of arbitrary code, posing a significant risk to systems running affected versions of Java Web Start. It is critical for users to secure their installations by applying recommended patches or updates to mitigate potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://sunsolve.sun.com/search/document.do?assetkey=1-77-...
vendor-advisoryx_refsource_SUNALERT
http://marc.info/?l=full-disclosure&m=111117284323657&w=2
mailing-listx_refsource_FULLDISC
http://sunsolve.sun.com/search/document.do?assetkey=1-66-...
vendor-advisoryx_refsource_SUNALERT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.