Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5342

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5342
Last Modified 07 Mar 2011 10:14:25
Published 05 Dec 2008 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5342

Summary

Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.

Vulnerable Systems

Application

  • Sun Jdk 5.0

  • Sun Jdk 6

  • Sun Jre 1.4.2 1

  • Sun Jre 1.4.2 10

  • Sun Jre 1.4.2 11

  • Sun Jre 1.4.2 12

  • Sun Jre 1.4.2 13

  • Sun Jre 1.4.2 14

  • Sun Jre 1.4.2 15

  • Sun Jre 1.4.2 16

  • Sun Jre 1.4.2 17

  • Sun Jre 1.4.2 18

  • Sun Jre 1.4.2 2

  • Sun Jre 1.4.2 3

  • Sun Jre 1.4.2 4

  • Sun Jre 1.4.2 5

  • Sun Jre 1.4.2 6

  • Sun Jre 1.4.2 7

  • Sun Jre 1.4.2 8

  • Sun Jre 1.4.2 9

  • Sun Jre 5.0

  • Sun Jre 6

  • Sun Sdk 1.4.2 1

  • Sun Sdk 1.4.2 10

  • Sun Sdk 1.4.2 11

  • Sun Sdk 1.4.2 12

  • Sun Sdk 1.4.2 13

  • Sun Sdk 1.4.2 14

  • Sun Sdk 1.4.2 15

  • Sun Sdk 1.4.2 16

  • Sun Sdk 1.4.2 17

  • Sun Sdk 1.4.2 18

  • Sun Sdk 1.4.2 2

  • Sun Sdk 1.4.2 3

  • Sun Sdk 1.4.2 4

  • Sun Sdk 1.4.2 5

  • Sun Sdk 1.4.2 6

  • Sun Sdk 1.4.2 7

  • Sun Sdk 1.4.2 8

  • Sun Sdk 1.4.2 9


References

CERT - TA08-340A

SUNALERT - 244988

CONFIRM - http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf

VUPEN - ADV-2009-0672

VUPEN - ADV-2009-0424

VUPEN - ADV-2008-3339

REDHAT - RHSA-2009:0445

REDHAT - RHSA-2009:0369

REDHAT - RHSA-2009:0016

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-486.htm

GENTOO - GLSA-200911-02

SECUNIA - 38539

SECUNIA - 37386

SECUNIA - 35065

SECUNIA - 34889

SECUNIA - 34605

SECUNIA - 34447

SECUNIA - 34233

SECUNIA - 33710

SECUNIA - 33015

SECUNIA - 32991

REDHAT - RHSA-2008:1025

REDHAT - RHSA-2008:1018

OSVDB - 50514

HP - HPSBUX02411

SUSE - SUSE-SR:2009:010

SUSE - SUSE-SA:2009:018

SUSE - SUSE-SA:2009:007

APPLE - APPLE-SA-2009-02-12

HP - SSRT080111

Related Patches

Apple 2009-02-12 Java for Mac OS X 10.4 Release 8

Apple 2009-06-15 Java for Mac OS X 10.4 Release 9

Apple 2009-02-12 Java for Mac OS X 10.5 Update 3

Apple 2009-06-15 Java for Mac OS X 10.5 Update 4

Novell SUSE 2008:5852 java-1_4_2-sun security update for SLE 10 SP2 i586


Last Updated: 27 May 2016 11:02:32