Release DateSep 05, 2008 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt to exploit a buffer overflow vulnerability in Sun Java Web Start. The vulnerability is caused by a bound checking error in handling XML based JNLP files. |
Affected ProductsSun JDK and JRE 6 Update 6 and earlierSun JDK and JRE 5.0 Update 15 and earlier Sun SDK and JRE 1.4.2_17 and earlier Sun SDK and JRE 1.3.1_22 and earlier |
Recommended ActionsApply patch, available from the web site.http://sunsolve.sun.com/search/document.do?assetkey=1-26-238905-1 |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-3111 |
Reference/shttp://www.frsirt.com/english/advisories/2008/2056 (FrSIRT)http://www.securityfocus.com/bid/30148 (BugTraq) |
