Описание
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-5341
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6529
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html
- http://marc.info/?l=bugtraq&m=123678756409861&w=2
- http://marc.info/?l=bugtraq&m=126583436323697&w=2
- http://rhn.redhat.com/errata/RHSA-2008-1018.html
- http://rhn.redhat.com/errata/RHSA-2008-1025.html
- http://secunia.com/advisories/32991
- http://secunia.com/advisories/33015
- http://secunia.com/advisories/33710
- http://secunia.com/advisories/34233
- http://secunia.com/advisories/34447
- http://secunia.com/advisories/34605
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/38539
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-244988-1
- http://support.avaya.com/elmodocs2/security/ASA-2008-486.htm
- http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=
- http://www.redhat.com/support/errata/RHSA-2009-0016.html
- http://www.redhat.com/support/errata/RHSA-2009-0369.html
- http://www.us-cert.gov/cas/techalerts/TA08-340A.html
- http://www.vupen.com/english/advisories/2008/3339
- http://www.vupen.com/english/advisories/2009/0672
- http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf
Связанные уязвимости
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in wit ...