CVE - CVE-2008-1192

CVE-ID
CVE-2008-1192	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://www.vmware.com/security/advisories/VMSA-2008-0010.html CONFIRM:http://support.apple.com/kb/HT3178 CONFIRM:http://support.apple.com/kb/HT3179 APPLE:APPLE-SA-2008-09-24 URL:http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html BEA:BEA08-201.00 URL:http://dev2dev.bea.com/pub/advisory/277 GENTOO:GLSA-200804-20 URL:http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml GENTOO:GLSA-200804-28 URL:http://security.gentoo.org/glsa/glsa-200804-28.xml GENTOO:GLSA-200806-11 URL:http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml REDHAT:RHSA-2008:0186 URL:http://www.redhat.com/support/errata/RHSA-2008-0186.html REDHAT:RHSA-2008:0210 URL:http://www.redhat.com/support/errata/RHSA-2008-0210.html REDHAT:RHSA-2008:0267 URL:http://www.redhat.com/support/errata/RHSA-2008-0267.html SUNALERT:233324 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-233324-1 SUSE:SUSE-SA:2008:018 URL:http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html SUSE:SUSE-SA:2008:025 URL:http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html CERT:TA08-066A URL:http://www.us-cert.gov/cas/techalerts/TA08-066A.html OVAL:oval:org.mitre.oval:def:11813 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11813 VUPEN:ADV-2008-0770 URL:http://www.vupen.com/english/advisories/2008/0770/references VUPEN:ADV-2008-1252 URL:http://www.vupen.com/english/advisories/2008/1252 VUPEN:ADV-2008-1856 URL:http://www.vupen.com/english/advisories/2008/1856/references SECTRACK:1019550 URL:http://www.securitytracker.com/id?1019550 SECUNIA:29273 URL:http://secunia.com/advisories/29273 SECUNIA:29239 URL:http://secunia.com/advisories/29239 SECUNIA:29498 URL:http://secunia.com/advisories/29498 SECUNIA:29582 URL:http://secunia.com/advisories/29582 SECUNIA:29841 URL:http://secunia.com/advisories/29841 SECUNIA:29858 URL:http://secunia.com/advisories/29858 SECUNIA:29897 URL:http://secunia.com/advisories/29897 SECUNIA:30676 URL:http://secunia.com/advisories/30676 SECUNIA:30780 URL:http://secunia.com/advisories/30780 SECUNIA:31497 URL:http://secunia.com/advisories/31497 SECUNIA:32018 URL:http://secunia.com/advisories/32018 XF:java-plugin-unspecified-security-bypass(41031) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/41031
Assigning CNA
N/A
Date Entry Created
20080306	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080306)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Use of the Common Vulnerabilities and Exposures (CVE®) List and the associated references from this website are subject to the terms of use. CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 1999–2018, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation. For more information, please contact us.