Definition


New Search

Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability

oval:org.mitre.oval:def:5924

Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file aka "GIFAR" and CR 6707535.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • VMWare ESX Server 3.5
Class:
vulnerability
Reference(s):
  • CVE-2008-5343
Product(s):