what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2008-2086

Status Candidate

Overview

Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892.

Related Files

HP Security Bulletin HPSBMA02486 SSRT090049
Posted Feb 10, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with the Java Runtime Environment (JRE) and Java Developer Kit (JDK) delivered with HP OpenView Network Node Manager (OV NNM). These vulnerabilities may allow remote unauthorized access, privilege escalation, execution of arbitrary code, and creation of a Denial of Service (DoS) .

tags | advisory, java, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2008-2086, CVE-2008-5339, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342, CVE-2008-5343, CVE-2008-5344, CVE-2008-5345, CVE-2008-5347, CVE-2008-5348, CVE-2008-5350, CVE-2008-5351, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359
SHA-256 | d609c2737ba3ee1e6d4dc412f6776d14c47fbc01f340bfebad40833c6310c6fa
Gentoo Linux Security Advisory 200911-2
Posted Nov 18, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200911-2 - Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks, including the remote execution of arbitrary code. Multiple vulnerabilities have been reported in the Sun Java implementation. Please review the CVE identifiers referenced below and the associated Sun Alerts for details. Versions less than 1.6.0.17 are affected.

tags | advisory, java, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-2086, CVE-2008-3103, CVE-2008-3104, CVE-2008-3105, CVE-2008-3106, CVE-2008-3107, CVE-2008-3108, CVE-2008-3109, CVE-2008-3110, CVE-2008-3111, CVE-2008-3112, CVE-2008-3113, CVE-2008-3114, CVE-2008-3115, CVE-2008-5339, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342
SHA-256 | 6c09d770120fdd5f0fd5936497c4e389e3872a0dc13ec5c2b2565221dc0a2be7
VMware Security Advisory 2009-0014
Posted Oct 17, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues. And by multiple, we mean a very, very, very large amount of issues.

tags | advisory, kernel
advisories | CVE-2009-0692, CVE-2009-1893, CVE-2009-0692, CVE-2008-4210, CVE-2008-3275, CVE-2008-5356, CVE-2008-0598, CVE-2008-2136, CVE-2008-2812, CVE-2007-6063, CVE-2008-3525, CVE-2008-2086, CVE-2008-5347, CVE-2008-5348, CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352
SHA-256 | c2c6048aa6cecef0b2620603adc69c5932ea002bec08689597fb8904eaaf2bfa
HP Security Bulletin HPSBUX02411 SSRT080111
Posted Mar 11, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote unauthorized access, privilege escalation, execution of arbitrary code, and creation of a Denial of Service (DoS).

tags | advisory, java, remote, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2008-2086, CVE-2008-5339, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342, CVE-2008-5343, CVE-2008-5344, CVE-2008-5345, CVE-2008-5347, CVE-2008-5348, CVE-2008-5350, CVE-2008-5351, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359
SHA-256 | b28318bad3009da063e0f7190123288b83dd2480b1134e61caefa149bf6cab47
JWS-props.txt
Posted Dec 4, 2008
Authored by Timothy D. Morgan | Site vsecurity.com

VSR identified a vulnerability in Java Web Start related to the execution of privileged applications. This flaw could allow an attacker to execute arbitrary code on a victim system if a user could be convinced to visit a malicious web site.

tags | advisory, java, web, arbitrary
advisories | CVE-2008-2086
SHA-256 | 8ca3bf4453e1d97e1df8cb1777248b40098c96ebee21fac715d1bd6643e51396
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close