Remote Code Execution Vulnerability in Java Web Start and Java Plug-in by Sun
CVE-2008-5343

Currently unrated

Key Information:

Vendor

Oracle
Status
Jdk
Jre
Sdk
Vendor
CVE Published:
5 December 2008

What is CVE-2008-5343?

This vulnerability allows remote attackers to craft malicious files that masquerade as both a GIF and a Java JAR file, enabling unauthorized network connections and potentially hijacking HTTP sessions. Commonly referred to as 'GIFAR', this exploit targets vulnerabilities across various versions of the Java Web Start and Java Plug-in, affecting Java Development Kit (JDK) and Java Runtime Environment (JRE) earlier than specified updates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=126583436323697&w=2
vendor-advisoryx_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2009...
vendor-advisoryx_refsource_SUSE
http://www.securityfocus.com/bid/32892
vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.