Vulnerabilities > SUN > Java > 1.6.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-08-01 | CVE-2008-3440 | Code Injection vulnerability in SUN Java 1.6.0 Sun Java 1.6.0_03 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |