Heap
06-12-08, 02:44
Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors.
More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5345)
More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5345)