CVE-2005-0418

Name of the Vulnerable Software and Affected Versions Java Web Start for J2SE versions 1.4.2 up to 1.4.2 06

Description The issue allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file, specifically on Mac OS X.

Recommendations For Java Web Start for J2SE versions 1.4.2 up to 1.4.2 06, consider restricting the use of JNLP files until a patch is available. As a temporary workaround, avoid using the value parameter of a property tag in JNLP files to minimize the risk of exploitation.