Buffer Overflow Vulnerability in Sun Java Web Start Products by Sun Microsystems
CVE-2008-3111

Currently unrated

Key Information:

Vendor
Oracle
Status
Vendor
CVE Published:
9 July 2008

Summary

A critical buffer overflow vulnerability exists in Sun Java Web Start, specifically affecting various versions of JDK and JRE. This vulnerability allows context-dependent attackers to exploit untrusted applications, potentially enabling them to gain elevated privileges. Malicious actors can manipulate long values associated with specific attributes in JNLP files, thereby triggering stack-based buffer overflows. Successful exploitation can lead to unauthorized access to read, write, or execute local files and programs, significantly compromising system security.

References

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.