Buffer Overflow Vulnerability in Sun Java Web Start Products by Sun Microsystems
CVE-2008-3111
Currently unrated
Summary
A critical buffer overflow vulnerability exists in Sun Java Web Start, specifically affecting various versions of JDK and JRE. This vulnerability allows context-dependent attackers to exploit untrusted applications, potentially enabling them to gain elevated privileges. Malicious actors can manipulate long values associated with specific attributes in JNLP files, thereby triggering stack-based buffer overflows. Successful exploitation can lead to unauthorized access to read, write, or execute local files and programs, significantly compromising system security.
References
EPSS Score
13% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved