Name: CVE-2008-5342 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5342 Reference: SUNALERT:244988 Reference: URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-244988-1 Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors.
Another mention of this issue: http://secunia.com/advisories/32991/ (Point 11) )
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2009:0369 https://rhn.redhat.com/errata/RHSA-2009-0369.html
This issue has been addressed in following products: Extras for RHEL 3 Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2009:0445 https://rhn.redhat.com/errata/RHSA-2009-0445.html