CVE-2008-5342

Currently unrated

Key Information:

Vendor: Oracle
Status: Jdk; Jre; Sdk
Vendor: CVE Published:; 5 December 2008

Summary

Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.

References

http://marc.info/?l=bugtraq&m=126583436323697&w=2

vendor-advisoryx_refsource_HP

http://lists.opensuse.org/opensuse-security-announce/2009...

vendor-advisoryx_refsource_SUSE

http://www.vupen.com/english/advisories/2009/0672

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Dec 5, 2008
Vulnerability Reserved
Dec 4, 2008