[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247974

 
 

909

 
 

194654

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-5342Date: (C)2008-12-05   (M)2023-12-22


Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SUNALERT-244988
SECUNIA-32991
SECUNIA-33015
SECUNIA-33710
SECUNIA-34233
SECUNIA-34447
SECUNIA-34605
SECUNIA-34889
SECUNIA-35065
SECUNIA-37386
SECUNIA-38539
OSVDB-50514
ADV-2008-3339
ADV-2009-0424
ADV-2009-0672
APPLE-SA-2009-02-12
GLSA-200911-02
RHSA-2008:1018
RHSA-2008:1025
RHSA-2009:0016
RHSA-2009:0369
RHSA-2009:0445
SSRT080111
SSRT090049
SUSE-SA:2009:007
SUSE-SA:2009:018
SUSE-SR:2009:010
TA08-340A
http://support.avaya.com/elmodocs2/security/ASA-2008-486.htm
http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=
http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf
oval:org.mitre.oval:def:6359

CPE    36
cpe:/a:sun:jre
cpe:/a:sun:sdk:1.4.2_1
cpe:/a:sun:sdk:1.4.2_2
cpe:/a:sun:sdk:1.4.2_3
...
CWE    1
CWE-200
OVAL    2
oval:org.secpod.oval:def:400075
oval:org.secpod.oval:def:21016

© SecPod Technologies