Vulnerability in Java Web Start and Plug-in Affecting Sun JDK and JRE Products
CVE-2008-5344

Currently unrated

Key Information:

Vendor
Oracle
Status
Vendor
CVE Published:
5 December 2008

Summary

This vulnerability in Java Web Start (JWS) and the Java Plug-in allows untrusted applets to potentially read arbitrary files and make unauthorized network connections. It stems from issues related to applet classloading, which can be exploited via various vectors, posing significant security risks to users of affected Java Development Kit (JDK) and Java Runtime Environment (JRE) versions.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.