Strike ID:
E19-0sld1
CVSS:
2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)
False Positive:
t
Variants:
1
Year:
2019

Description

This strike exploits an arbitrary file deletion vulnerability in Oracle SE 8. The vulnerability is due to improper filtering of jlnp URL variable. An attacker can entice the victim to click the malicious link. Successful exploitation may lead to file deletion on client side.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}