CVE-2008-1191

Severity

68%

Complexity

86%

Confidentiality

106%

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

Type

Sun

First reported 16 years ago

2008-03-06 21:44:00

Last updated 7 years ago

2017-09-29 01:30:00

Affected Software

Sun JDK

Sun JRE

References

APPLE-SA-2008-09-24

SUSE-SA:2008:018

29239

Vendor Advisory

29273

Vendor Advisory

29582

Vendor Advisory

29858

Vendor Advisory

30676

Vendor Advisory

30780

Vendor Advisory

32018

Vendor Advisory

GLSA-200804-28

233323

Patch, Vendor Advisory

http://support.apple.com/kb/HT3178

http://support.apple.com/kb/HT3179

GLSA-200804-20

GLSA-200806-11

RHSA-2008:0186

RHSA-2008:0267

1019549

TA08-066A

US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

ADV-2008-0770

Vendor Advisory

ADV-2008-1856

Vendor Advisory

javawebstart-application-priv-escalation(41029)

javawebstart-unspecified-priv-escalation(41136)

oval:org.mitre.oval:def:10167

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.