7PK - Security Features

CVE-2008-1195

High

9.3/10

Summary

Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

CWE-254 - Security Features

Security features are integrated into the application infrastructure to protect its resources and the trusted environment against a known exploit, threat, or vulnerability. However, flawed, disabled, or absent security features expose the application to a variety of attacks. This is a multidimensional vulnerability with broad potential impact. It can lead to defacement, confidentiality compromise, system takeover, etc.

References

Advisory Timeline

Published Mar 06, 2008

7PK - Security Features

CVE-2008-1195

Summary

CWE-254 - Security Features

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS