Unrated severityNVD Advisory· Published Dec 5, 2008· Updated Apr 23, 2026
CVE-2008-5342
CVE-2008-5342
Description
Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.
Affected products
91cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*+ 26 more
- cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_8:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:*:update_10:*:*:*:*:*:*range: <=6
- cpe:2.3:a:sun:jdk:*:update_16:*:*:*:*:*:*range: <=5.0
cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*+ 45 more
- cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*range: <=1.4.2_18
- cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_8:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:*:update_10:*:*:*:*:*:*range: <=6
- cpe:2.3:a:sun:jre:*:update_16:*:*:*:*:*:*range: <=5.0
cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*range: <=1.4.2_18
- cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
33- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
- www.us-cert.gov/cas/techalerts/TA08-340A.htmlnvdUS Government Resource
- lists.apple.com/archives/security-announce/2009/Feb/msg00003.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlnvd
- marc.infonvd
- marc.infonvd
- osvdb.org/50514nvd
- rhn.redhat.com/errata/RHSA-2008-1018.htmlnvd
- rhn.redhat.com/errata/RHSA-2008-1025.htmlnvd
- secunia.com/advisories/32991nvd
- secunia.com/advisories/33015nvd
- secunia.com/advisories/33710nvd
- secunia.com/advisories/34233nvd
- secunia.com/advisories/34447nvd
- secunia.com/advisories/34605nvd
- secunia.com/advisories/34889nvd
- secunia.com/advisories/35065nvd
- secunia.com/advisories/37386nvd
- secunia.com/advisories/38539nvd
- security.gentoo.org/glsa/glsa-200911-02.xmlnvd
- support.avaya.com/elmodocs2/security/ASA-2008-486.htmnvd
- support.avaya.com/elmodocs2/security/ASA-2009-012.htmnvd
- support.nortel.com/go/main.jspnvd
- www.redhat.com/support/errata/RHSA-2009-0016.htmlnvd
- www.redhat.com/support/errata/RHSA-2009-0369.htmlnvd
- www.redhat.com/support/errata/RHSA-2009-0445.htmlnvd
- www.vupen.com/english/advisories/2008/3339nvd
- www.vupen.com/english/advisories/2009/0424nvd
- www.vupen.com/english/advisories/2009/0672nvd
- www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdfnvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6359nvd
News mentions
0No linked articles in our index yet.