Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://jouko.iki.fi/adv/ws.html - | |
References | () http://marc.info/?l=full-disclosure&m=111117284323657&w=2 - | |
References | () http://secunia.com/advisories/14640 - Vendor Advisory | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1 - | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1 - | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1 - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml - Patch, Vendor Advisory | |
References | () http://www.novell.com/linux/security/advisories/2005_32_java2.html - | |
References | () http://www.securityfocus.com/bid/12847 - Patch |
Information
Published : 2005-05-02 04:00
Updated : 2024-11-20 23:56
NVD link : CVE-2005-0836
Mitre link : CVE-2005-0836
CVE.ORG link : CVE-2005-0836
JSON object : View
Products Affected
sun
- j2se
CWE