Remote Code Execution Vulnerability in Sun Java Web Start and Java Plug-in
CVE-2008-2086

Currently unrated

Key Information:

Vendor

Oracle
Status
Jdk
Jre
Sdk
Vendor
CVE Published:
5 December 2008

What is CVE-2008-2086?

The vulnerability in Sun Java Web Start and Java Plug-in allows remote attackers to execute arbitrary code by exploiting crafted JNLP files that manipulate system properties such as java.home, java.ext.dirs, and user.home. This vulnerability can lead to significant security risks, including unauthorized access to sensitive information and system control.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=126583436323697&w=2
vendor-advisoryx_refsource_HP
http://www.redhat.com/support/errata/RHSA-2008-1018.html
vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2009...
vendor-advisoryx_refsource_SUSE

EPSS Score

28% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.