CVE-2008-1196

Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.

🔗 References (72)

• cve@mitrehttp://download.novell.com/Download?buildid=q5exhSqeBjA~
• cve@mitrehttp://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
• cve@mitrehttp://secunia.com/advisories/29239
• cve@mitrehttp://secunia.com/advisories/29273
• cve@mitrehttp://secunia.com/advisories/29498
• cve@mitrehttp://secunia.com/advisories/29582
• cve@mitrehttp://secunia.com/advisories/29858
• cve@mitrehttp://secunia.com/advisories/29897
• cve@mitrehttp://secunia.com/advisories/30676
• cve@mitrehttp://secunia.com/advisories/30780
• cve@mitrehttp://secunia.com/advisories/31067
• cve@mitrehttp://secunia.com/advisories/31497
• cve@mitrehttp://secunia.com/advisories/31580