Name: CVE-2008-5343 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5343 Reference: SUNALERT:244988 Reference: URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-244988-1 Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows "hidden code" to make unauthorized network connections and "hijack HTTP sessions using cookies stored in the browser" via unknown vectors.
Another mention of this issue: http://secunia.com/advisories/32991/
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2009:0369 https://rhn.redhat.com/errata/RHSA-2009-0369.html
This issue has been addressed in following products: Extras for RHEL 3 Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2009:0445 https://rhn.redhat.com/errata/RHSA-2009-0445.html