CVE-2008-1191 — JDK vulnerability
Severity
9.3CRITICALNVD
NVD6.8
EPSS
9.9%
top 7.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedMar 6
Latest updateMay 1
Description
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."
CVSS vector
AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4
Patches
🔴Vulnerability Details
4GHSA▶
GHSA-rp3q-rw9w-295j: Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrust↗2022-05-01
GHSA▶
GHSA-m6g6-6pj7-xcc2: Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5↗2022-05-01
CVEList▶
CVE-2008-1190: Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5↗2008-03-06
CVEList▶
CVE-2008-1191: Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrust↗2008-03-06