Remote Code Execution Vulnerability in Sun Java Web Start and Java Plug-in
CVE-2008-2086

Currently unrated

Key Information:

Vendor
Oracle
Status
Vendor
CVE Published:
5 December 2008

Summary

The vulnerability in Sun Java Web Start and Java Plug-in allows remote attackers to execute arbitrary code by exploiting crafted JNLP files that manipulate system properties such as java.home, java.ext.dirs, and user.home. This vulnerability can lead to significant security risks, including unauthorized access to sensitive information and system control.

References

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.