Launchpad.net

CVE 2008-1189

Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.

See the

CVE page on Mitre.org for more details.

References

REDHAT: RHSA-2008:0186
SUNALERT: 233323
SECUNIA: 29273
CERT: TA08-066A
SECTRACK: 1019549
SECUNIA: 29239
SUSE: SUSE-SA:2008:018
REDHAT: RHSA-2008:0210
SECUNIA: 29498
SECUNIA: 29582
GENTOO: GLSA-200804-20
SUSE: SUSE-SA:2008:025
SECUNIA: 29858
SECUNIA: 29897
GENTOO: GLSA-200804-28
CONFIRM: http://www.vmware.com/...
SECUNIA: 30676
GENTOO: GLSA-200806-11
SECUNIA: 30780
SECUNIA: 31497
CONFIRM: http://support.apple.c...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2008-09-24
SECUNIA: 32018
REDHAT: RHSA-2008:0267
VUPEN: ADV-2008-0770
VUPEN: ADV-2008-1856
XF: javawebstart-applicati...
XF: javawebstart-multiple-...
XF: javawebstart-unspecifi...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2008-1189

Related bugs

References