Описание
Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | Web Start only |
| gutsy | DNE | |
| hardy | not-affected | Web Start only |
| intrepid | not-affected | Web Start only |
| jaunty | not-affected | Web Start only |
| karmic | not-affected | Web Start only |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| gutsy | ignored | end of life, was needs-triage |
| hardy | not-affected | 1.5.0-22-0ubuntu0.8.04 |
| intrepid | not-affected | 1.5.0-19-0ubuntu0.8.10 |
| jaunty | not-affected | 1.5.0-17-0ubuntu1 |
| karmic | DNE | |
| upstream | released | 1.5.0-17 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6-11-0ubuntu1 |
| gutsy | ignored | end of life, was needs-triage |
| hardy | released | 6-17-0ubuntu1.8.04 |
| intrepid | released | 6-14-0ubuntu1.8.10 |
| jaunty | not-affected | 6-11-0ubuntu1 |
| karmic | not-affected | 6-11-0ubuntu1 |
| upstream | released | 6-11 |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892.
Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892.
Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and ea ...
Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892.
EPSS
9.3 Critical
CVSS2