CVE-2008-5343 - CERT CVE

  1. CVE-2008-5343

ID CVE-2008-5343
Sažetak Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR" and CR 6707535.
Reference
CVSS
Base: 9.0
Impact: 8.5
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE PARTIAL PARTIAL
CVSS vektor AV:N/AC:L/Au:N/C:C/I:P/A:P
Zadnje važnije ažuriranje 29-09-2017 - 01:32
Objavljeno 05-12-2008 - 11:30