Detections
Analytics
CVE-2008-5341
critical
Description
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6529
http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf
http://www.vupen.com/english/advisories/2009/0672
http://www.vupen.com/english/advisories/2008/3339
http://www.us-cert.gov/cas/techalerts/TA08-340A.html
http://www.redhat.com/support/errata/RHSA-2009-0369.html
http://www.redhat.com/support/errata/RHSA-2009-0016.html
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=
http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-486.htm
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244988-1
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://secunia.com/advisories/38539
http://secunia.com/advisories/37386
http://secunia.com/advisories/34605
http://secunia.com/advisories/34447
http://secunia.com/advisories/34233
http://secunia.com/advisories/33710
http://secunia.com/advisories/33015
http://secunia.com/advisories/32991
http://rhn.redhat.com/errata/RHSA-2008-1025.html
http://rhn.redhat.com/errata/RHSA-2008-1018.html
http://marc.info/?l=bugtraq&m=126583436323697&w=2
http://marc.info/?l=bugtraq&m=123678756409861&w=2
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html