DescriptionSun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- SUSE-SA:2009:001, published Fri, 09 Jan 2009 15:00:00 +0000
- SUSE-SA:2009:007, published Thu, 29 Jan 2009 14:00:00 +0000
- SUSE-SA:2009:018, published Tue, 07 Apr 2009 13:00:00 +0000
- SUSE-SR:2009:010, published Tue, 12 May 2009 08:00:00 +0000
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Server 11 |
SUSE Linux Enterprise Server for SAP Applications 11
| ||Patchnames: |