Java Plug-in and Java Web Start Vulnerability in J2SE Products by Sun Microsystems
CVE-2006-4302

Currently unrated

Key Information:

Vendor: Oracle
Status: Java Web Start; J2se
Vendor: CVE Published:; 23 August 2006

What is CVE-2006-4302?

The Java Plug-in and Java Web Start are affected by vulnerabilities that allow remote attackers to specify a Java Runtime Environment (JRE) version containing known exploits. This could enable execution of unauthorized commands or installation of malicious software, compromising the integrity of systems relying on these Java technologies. Various versions, ranging from J2SE 1.3.0_02 to J2SE 5.0 Update 5, are notably susceptible, urging users to update their environments to mitigate potential attacks.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.securityfocus.com/bid/8879

vdb-entryx_refsource_BID

http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 23, 2006
Vulnerability Reserved
Aug 22, 2006

Oracle

What is CVE-2006-4302?

References

Timeline