Unspecified Vulnerability in Java Web Start and Java Plug-in by Sun
CVE-2008-5342

Currently unrated

Key Information:

Vendor: Oracle
Status: Jdk; Jre; Sdk
Vendor: CVE Published:; 5 December 2008

Summary

The vulnerability affects the BasicService for Java Web Start and Java Plug-in across multiple versions of the Sun JDK and JRE. It allows untrusted downloaded applications to manipulate the user's browser, potentially displaying local files without permission. This flaw poses significant risks to users by exposing sensitive data through unknown vectors, necessitating immediate attention and mitigation measures.

References

http://marc.info/?l=bugtraq&m=126583436323697&w=2

vendor-advisoryx_refsource_HP

http://lists.opensuse.org/opensuse-security-announce/2009...

vendor-advisoryx_refsource_SUSE

http://www.vupen.com/english/advisories/2009/0672

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Dec 5, 2008
Vulnerability Reserved
Dec 4, 2008