Unspecified Vulnerability in Java Web Start and Java Plug-in by Sun
CVE-2008-5341

Currently unrated

Key Information:

Vendor: Oracle
Status: Jdk; Jre; Sdk
Vendor: CVE Published:; 5 December 2008

Summary

An unspecified vulnerability exists in Java Web Start and Java Plug-in that allows untrusted JWS applications to disclose sensitive information, such as the pathname of the JWS cache and the application username. This exposure occurs through unknown vectors, which can potentially lead to unauthorized access to user data. Users of affected versions should apply the recommended updates to secure their systems.

References

http://marc.info/?l=bugtraq&m=126583436323697&w=2

vendor-advisoryx_refsource_HP

http://lists.opensuse.org/opensuse-security-announce/2009...

vendor-advisoryx_refsource_SUSE

http://www.vupen.com/english/advisories/2009/0672

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Dec 5, 2008
Vulnerability Reserved
Dec 4, 2008