Vulnerability in Java Web Start and Plug-in Affecting Sun JDK and JRE
CVE-2008-5340

Currently unrated

Key Information:

Vendor: Oracle
Status: Jdk; Jre; Sdk
Vendor: CVE Published:; 5 December 2008

Summary

An unspecified vulnerability in Java Web Start (JWS) and the Java Plug-in allows untrusted JWS applications to gain unauthorized privileges, enabling potential access to local files or applications via unknown vectors. This flaw poses significant risks as it can be exploited to compromise the confidentiality and integrity of files on affected systems. Users are advised to ensure their Java installations are updated to the latest versions to mitigate this risk.

References

http://marc.info/?l=bugtraq&m=126583436323697&w=2

vendor-advisoryx_refsource_HP

http://lists.opensuse.org/opensuse-security-announce/2009...

vendor-advisoryx_refsource_SUSE

http://www.vupen.com/english/advisories/2009/0672

vdb-entryx_refsource_VUPEN

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 5, 2008
Vulnerability Reserved
Dec 4, 2008