PT-2008-6463 · Oracle+1 · Java Plug-In+5
Published
2008-12-05
·
Updated
2017-09-29
·
CVE-2008-5339
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Java Development Kit (JDK) and Java Runtime Environment (JRE) versions prior to 6 Update 11
Java Development Kit (JDK) and Java Runtime Environment (JRE) versions 5.0 prior to Update 17
Java Development Kit (JDK) and Java Runtime Environment (JRE) versions 1.4.2 prior to 19
Description
The issue allows untrusted Java Web Start applications to establish network connections to unauthorized hosts. This is possible due to an unspecified vulnerability in Java Web Start and Java Plug-in.
Recommendations
For JDK and JRE versions prior to 6 Update 11, update to version 6 Update 11 or later to resolve the issue.
For JDK and JRE versions 5.0 prior to Update 17, update to version 5.0 Update 17 or later to resolve the issue.
For JDK and JRE versions 1.4.2 prior to 19, update to version 1.4.2 19 or later to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hp-Ux
Java Development Kit
Java Platform
Java Plug-In
Java Runtime Environment
Java Web Start