Remote Code Execution Vulnerability in Java Web Start and Java Plug-in by Sun
CVE-2008-5343
Currently unrated
Summary
This vulnerability allows remote attackers to craft malicious files that masquerade as both a GIF and a Java JAR file, enabling unauthorized network connections and potentially hijacking HTTP sessions. Commonly referred to as 'GIFAR', this exploit targets vulnerabilities across various versions of the Java Web Start and Java Plug-in, affecting Java Development Kit (JDK) and Java Runtime Environment (JRE) earlier than specified updates.
References
Timeline
Vulnerability published
Vulnerability Reserved