exploits , vulnerabilities , articles , Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability

Title	Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
Published	2008-12-03-12:00AM
Updated	2009-01-09-05:52PM
Class	Input Validation Error
CVE	CVE-2008-5343
Remote	Yes
Local	No
Credit	Billy Rios of Microsoft and Nate Mcfeters of Ernst and Young
Vulnerable	Sun SDK (Windows Production Release) 1.4.2 _15 Sun SDK (Windows Production Release) 1.4.2 _08 Sun SDK (Windows Production Release) 1.4.2 _05 Sun SDK (Windows Production Release) 1.4.2 _04 Sun SDK (Windows Production Release) 1.4.2 _03 Sun SDK (Windows Production Release) 1.4.2 Sun SDK (Windows Production Release) 1.4.2 Sun SDK (Windows Production Release) 1.3.1 _21 Sun SDK (Windows Production Release) 1.3.1 _20 Sun SDK (Windows Production Release) 1.3.1 _15 Sun SDK (Windows Production Release) 1.3.1 _14 Sun SDK (Windows Production Release) 1.3.1 _13 Sun SDK (Windows Production Release) 1.3.1 _12 Sun SDK (Windows Production Release) 1.3.1 _11 Sun SDK (Windows Production Release) 1.3.1 _10 Sun SDK (Windows Production Release) 1.3.1 _09 Sun SDK (Windows Production Release) 1.3.1 _08 Sun SDK (Windows Production Release) 1.3.1 _07 Sun SDK (Windows Production Release) 1.3.1 _06 Sun SDK (Windows Production Release) 1.3.1 _05 Sun SDK (Windows Production Release) 1.3.1 _04 Sun SDK (Windows Production Release) 1.3.1 _03 Sun SDK (Windows Production Release) 1.3.1 _02 Sun SDK (Windows Production Release) 1.3.1 _01a Sun SDK (Windows Production Release) 1.4.2_18 Sun SDK (Windows Production Release) 1.4.2_17 Sun SDK (Windows Production Release) 1.4.2_16 Sun SDK (Windows Production Release) 1.4.2_15 Sun SDK (Windows Production Release) 1.4.2_14 Sun SDK (Windows Production Release) 1.4.2_13 Sun SDK (Windows Production Release) 1.4.2_12 Sun SDK (Windows Production Release) 1.4.2_11 Sun SDK (Windows Production Release) 1.3.1_23 Sun SDK (Windows Production Release) 1.3.1_22 Sun SDK (Solaris Production Release) 1.4.2 _15 Sun SDK (Solaris Production Release) 1.4.2 _08 Sun SDK (Solaris Production Release) 1.4.2 _05 Sun SDK (Solaris Production Release) 1.4.2 _04 Sun SDK (Solaris Production Release) 1.4.2 _03 Sun SDK (Solaris Production Release) 1.4.2 Sun SDK (Solaris Production Release) 1.4.2 Sun SDK (Solaris Production Release) 1.3.1 _23 Sun SDK (Solaris Production Release) 1.3.1 _22 Sun SDK (Solaris Production Release) 1.3.1 _21 Sun SDK (Solaris Production Release) 1.3.1 _20 Sun SDK (Solaris Production Release) 1.3.1 _15 Sun SDK (Solaris Production Release) 1.3.1 _14 Sun SDK (Solaris Production Release) 1.3.1 _13 Sun SDK (Solaris Production Release) 1.3.1 _12 Sun SDK (Solaris Production Release) 1.3.1 _11 Sun SDK (Solaris Production Release) 1.3.1 _10 Sun SDK (Solaris Production Release) 1.3.1 _09 Sun SDK (Solaris Production Release) 1.3.1 _08 Sun SDK (Solaris Production Release) 1.3.1 _07 Sun SDK (Solaris Production Release) 1.3.1 _06 Sun SDK (Solaris Production Release) 1.3.1 _05 Sun SDK (Solaris Production Release) 1.3.1 _03 Sun SDK (Solaris Production Release) 1.3.1 _02 Sun SDK (Solaris Production Release) 1.3.1 _01 Sun SDK (Solaris Production Release) 1.4.2_18 Sun SDK (Solaris Production Release) 1.4.2_17 Sun SDK (Solaris Production Release) 1.4.2_16 Sun SDK (Solaris Production Release) 1.4.2_15 Sun SDK (Solaris Production Release) 1.4.2_14 Sun SDK (Solaris Production Release) 1.4.2_13 Sun SDK (Solaris Production Release) 1.4.2_12 Sun SDK (Solaris Production Release) 1.4.2_11 Sun SDK (Linux Production Release) 1.4.2 _15 Sun SDK (Linux Production Release) 1.4.2 _08 Sun SDK (Linux Production Release) 1.4.2 _05 Sun SDK (Linux Production Release) 1.4.2 _04 Sun SDK (Linux Production Release) 1.4.2 _03 Sun SDK (Linux Production Release) 1.4.2 _02 Sun SDK (Linux Production Release) 1.4.2 _01 Sun SDK (Linux Production Release) 1.4.2 Sun SDK (Linux Production Release) 1.4.2 Sun SDK (Linux Production Release) 1.3.1 _23 Sun SDK (Linux Production Release) 1.3.1 _22 Sun SDK (Linux Production Release) 1.3.1 _21 Sun SDK (Linux Production Release) 1.3.1 _20 Sun SDK (Linux Production Release) 1.3.1 _15 Sun SDK (Linux Production Release) 1.3.1 _14 Sun SDK (Linux Production Release) 1.3.1 _13 Sun SDK (Linux Production Release) 1.3.1 _12 Sun SDK (Linux Production Release) 1.3.1 _11 Sun SDK (Linux Production Release) 1.3.1 _10 Sun SDK (Linux Production Release) 1.3.1 _09 Sun SDK (Linux Production Release) 1.3.1 _08 Sun SDK (Linux Production Release) 1.3.1 _07 Sun SDK (Linux Production Release) 1.3.1 _06 Sun SDK (Linux Production Release) 1.3.1 _05 Sun SDK (Linux Production Release) 1.3.1 _03 Sun SDK (Linux Production Release) 1.3.1 _02 Sun SDK (Linux Production Release) 1.3.1 _01 Sun SDK (Linux Production Release) 1.4.2_18 Sun SDK (Linux Production Release) 1.4.2_17 Sun SDK (Linux Production Release) 1.4.2_16 Sun SDK (Linux Production Release) 1.4.2_15 Sun SDK (Linux Production Release) 1.4.2_14 Sun SDK (Linux Production Release) 1.4.2_13 Sun SDK (Linux Production Release) 1.4.2_12 Sun SDK (Linux Production Release) 1.4.2_11 Sun JRE 6.0 Update 7 Sun JRE 6.0 Update 6 Sun JRE 6.0 Update 5 Sun JRE 6.0 Update 4 Sun JRE 6.0 Update 3 Sun JRE 6.0 Update 2 Sun JRE 6.0 Update 10 Sun JRE 6.0 Update 1 Sun JRE 5.0 Update 9 Sun JRE 5.0 Update 8 Sun JRE 5.0 Update 7 Sun JRE 5.0 Update 6 Sun JRE 5.0 Update 16 Sun JRE 5.0 Update 15 Sun JRE 5.0 Update 14 Sun JRE 5.0 Update 13 Sun JRE 5.0 Update 12 Sun JRE 5.0 Update 11 Sun JRE 5.0 Update 10 Sun JDK 6.0 Update 7 Sun JDK 6.0 Update 6 Sun JDK 6.0 Update 5 Sun JDK 6.0 Update 4 Sun JDK 6.0 Update 3 Sun JDK 6.0 Update 2 Sun JDK 6.0 Update 10 Sun JDK 6.0 Update 1 Sun JDK 5.0 Update 9 Sun JDK 5.0 Update 8 Sun JDK 5.0 Update 7 Sun JDK 5.0 Update 6 Sun JDK 5.0 Update 5 Sun JDK 5.0 Update 4 Sun JDK 5.0 Update 3 Sun JDK 5.0 Update 2 Sun JDK 5.0 Update 16 Sun JDK 5.0 Update 15 Sun JDK 5.0 Update 14 Sun JDK 5.0 Update 13 Sun JDK 5.0 Update 12 Sun JDK 5.0 Update 11 Sun JDK 5.0 Update 10 Sun JDK 5.0 Update 1 S.u.S.E. SUSE Linux Enterprise Server 10 SP2 S.u.S.E. SUSE Linux Enterprise Desktop 10 SP2 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 S.u.S.E. openSUSE 10.3 S.u.S.E. OpenEnterpriseServer 0 S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Enterprise Server 9 RedHat Enterprise Linux Supplementary 5 server RedHat Enterprise Linux Extras 4 RedHat Enterprise Linux Desktop Supplementary 5 client
Not Vulnerable	Sun SDK (Windows Production Release) 1.4.2_19 Sun SDK (Windows Production Release) 1.3.1_24 Sun SDK (Solaris Production Release) 1.4.2_19 Sun SDK (Solaris Production Release) 1.3.1_24 Sun SDK (Linux Production Release) 1.4.2_19 Sun SDK (Linux Production Release) 1.3.1_24 Sun JRE 6.0 Update 11 Sun JRE 5.0 Update 17 Sun JDK 6.0 Update 11 Sun JDK 5.0 Update 17
Code	An attacker may exploit this issue using readily available tools.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-11-09 Apache Tomcat Windows Installer Insecure Password Vulnerability
• 2009-11-06 Google Chrome prior to 3.0.195.32 Multiple Security Vulnerabilities
• 2009-11-05 Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
• 2009-11-05 Pablo Software Solutions Baby Web Server Multiple Request Remote Denial of Service Vulnerability
• 2009-11-05 Linux Kernel r128 Driver CCE Initialization NULL Pointer Dereference Denial of Service Vulnerability
• 2009-11-05 Prototype JavaScript Framework Cross-Site Ajax Request Vulnerability
• 2009-11-05 Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability
• 2009-11-05 IBM PowerHA Cluster Management Unauthorized Access Vulnerability
• 2009-11-05 HP Power Manager Unspecified Remote Code Execution Vulnerability
• 2009-11-05 Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Tue, 10 Nov 2009 03:26:56 +0000