PT-2005-1865 · Oracle · J2Se+1

Jouko Pynnonen

Published

2005-03-22

Updated

2016-10-18

CVE-2005-0836

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions J2SE versions 1.4.2 up to 1.4.2 06

Description The issue allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. This is related to an argument injection vulnerability in Java Web Start.

Recommendations For J2SE versions 1.4.2 up to 1.4.2 06, update to a version that contains a fix for this issue to prevent untrusted applications from gaining privileges.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0836

Affected Products

J2Se

Java Web Start

PT-2005-1865 · Oracle · J2Se+1

CVE-2005-0836

Related Identifiers

Affected Products

References · 10