CVE-2008-5342 Information
Description
Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors aka 6767668.
Reference
http://lists.apple.com/archives/security-announce/2009/Feb/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://marc.info/?l=bugtraq&m=123678756409861&w=2 http://marc.info/?l=bugtraq&m=126583436323697&w=2 http://osvdb.org/50514 http://rhn.redhat.com/errata/RHSA-2008-1018.html http://rhn.redhat.com/errata/RHSA-2008-1025.html http://secunia.com/advisories/32991 http://secunia.com/advisories/33015 http://secunia.com/advisories/33710 http://secunia.com/advisories/34233 http://secunia.com/advisories/34447 http://secunia.com/advisories/34605 http://secunia.com/advisories/34889 http://secunia.com/advisories/35065 http://secunia.com/advisories/37386 http://secunia.com/advisories/38539 http://security.gentoo.org/glsa/glsa-200911-02.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-244988-1 http://support.avaya.com/elmodocs2/security/ASA-2008-486.htm http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid= http://www.redhat.com/support/errata/RHSA-2009-0016.html http://www.redhat.com/support/errata/RHSA-2009-0369.html http://www.redhat.com/support/errata/RHSA-2009-0445.html http://www.us-cert.gov/cas/techalerts/TA08-340A.html http://www.vupen.com/english/advisories/2008/3339 http://www.vupen.com/english/advisories/2009/0424 http://www.vupen.com/english/advisories/2009/0672 http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6359
Share on: