CVE-2008-4910
SUN Java Web Start - Improper Input Validation
Title source: ruleDescription
The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Varun Srivastava · javaremotemultiple
https://www.exploit-db.com/exploits/32529
References (5)
Scores
EPSS
0.0725
EPSS Percentile
91.6%
Details
CWE
CWE-20
Status
published
Products (1)
sun/java_web_start
Published
Nov 04, 2008
Tracked Since
Feb 18, 2026