Remote Code Execution Vulnerability in Sun Java Web Start and Java Plug-in

CVE-2008-2086

Summary

The vulnerability in Sun Java Web Start and Java Plug-in allows remote attackers to execute arbitrary code by exploiting crafted JNLP files that manipulate system properties such as java.home, java.ext.dirs, and user.home. This vulnerability can lead to significant security risks, including unauthorized access to sensitive information and system control.

References