Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2008-3107 (GCVE-0-2008-3107)
Vulnerability from cvelistv5
Published
2008-07-09 23:00
Modified
2024-08-07 09:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "238967",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"name": "sun-virtualmachine-unauth-access(43659)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "1020455",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020455"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "30141",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30141"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "oval:org.mitre.oval:def:10219",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "238967",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"name": "sun-virtualmachine-unauth-access(43659)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "1020455",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020455"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "30141",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30141"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "oval:org.mitre.oval:def:10219",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "238967",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"name": "sun-virtualmachine-unauth-access(43659)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "1020455",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020455"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "30141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30141"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "31055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "RHSA-2008:0594",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "oval:org.mitre.oval:def:10219",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3107",
"datePublished": "2008-07-09T23:00:00",
"dateReserved": "2008-07-09T00:00:00",
"dateUpdated": "2024-08-07T09:28:41.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2008-3107\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-07-09T23:41:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en la M\u00e1quina Virtual de Sun Java Runtime Environment (JRE), JDK y JRE 6 antes de Update 7, JDK y JRE 5.0 antes de Update 16, y SDK y JRE 1.4.x antes de 1.4.2_18 permite a atacantes dependientes del contexto obtener privilegios mediante (1) una aplicaci\u00f3n o (2) un applet que no son de confianza, como se demostr\u00f3 con una aplicaci\u00f3n o un applet que se garantiza privilegios para (a) leer archivos locales, (b) escribir en archivos locales, o (c) ejecutar programas locales.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"},{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:*:update_15:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.0\",\"matchCriteriaId\":\"7E7CD268-A083-43B5-80B7-B7837202CF29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:*\",\"versionEndIncluding\":\"6\",\"matchCriteriaId\":\"94A87B01-2F20-4E1C-8572-395A96C35D79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BB00A29-FEBB-4139-9E96-691EC1410EFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD8CC179-F76E-4CC2-9CBD-69CBBA5BD532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2DC7389-9697-4EF0-9C4E-153731CDD75D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5F476C8-5466-4E6B-B73B-4ACFBB02AD5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8C7C8C1-AA0D-4BD9-A8EC-85BBE627DE13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAF0844B-ECB1-4AF0-AA32-1B8789AC5042\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25322D24-C5D9-43A6-87CC-1BF7FA6A3E76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"400FDCDE-16DE-4BD6-81E2-4A5DA12E99CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"82C49C78-ACE3-407D-AE21-EA180633C437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F91F8A2-D473-48DC-81DA-21291DE7B6E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E46B3B4-9E1C-4C87-A4CD-C4CE7FBCA7F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F69C703-8541-4AA8-A66A-0292E0FCB749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"99E08AB2-49AD-42C6-967F-773F2C6E188A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"9459F130-A3DD-4A4E-9582-4FB82619EB5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C9F6EA8-6A88-4485-89A3-0FDF84AB51DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"67E0818A-3675-4293-89FE-5001E36C0F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"95112B98-B6B2-43FA-BF76-F518649CF3BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A18341A-3688-48E7-95AD-283EC9C95B4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"E301C59A-47F5-4861-9091-D0002CBA5B7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.4.2_17\",\"matchCriteriaId\":\"B4D4DE93-903F-48E3-9009-EF6470F8E87C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:update_15:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.0\",\"matchCriteriaId\":\"DF9D8657-A633-45A1-AADE-30474E03C2FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:update_6:*:*:*:*:*:*\",\"versionEndIncluding\":\"6\",\"matchCriteriaId\":\"2A1D1D91-B29F-4335-A7DA-FF988F626907\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63978872-E797-4F13-B0F9-98CB67D0962A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27A472AF-049D-4D63-841C-1EF737E8D64D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB48B161-C239-4BB5-8667-7ACA5A5437F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83629616-1814-4858-B09F-79BEA82D6F55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BED1009E-AE60-43A0-A0F5-38526EFCF423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03E8F351-F900-436E-A726-55AE31FBF832\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F76B79C6-ADD0-4992-A4BD-423A0AD38714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBFD41B5-6E33-4B00-81E8-9D91B0A03BD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"685D3F7F-30B9-4EB8-90FC-66A2A067A510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D102063B-2434-4141-98E7-2DE501AE1728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B8CD03-CD31-4F4D-BA90-59435578A4F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41A994BF-1F64-480A-8AA5-748DDD0AB68C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88519F2D-AD06-4F05-BEDA-A09216F1B481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC728978-368D-4B36-B149-70473E92BD1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD5187B1-CB86-48E8-A595-9FCFD9822C0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C660DE4-543A-4E9B-825D-CD099D08CBD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"318719C9-7B01-4021-B2EF-8341254DFE6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A2379FC-BC33-4C90-97DD-ED3723172008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"86A1256D-7A34-4FDD-9536-82FD6497A712\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB5E47A-8C17-4995-9EF8-01BFA0B702B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"9300FA38-C234-4BD8-ADB6-D2A29EBA81DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"C87F6EE3-F66B-4F15-89BA-26A4D3AD2556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"56F0F497-6586-408B-80AF-6BC2B9909397\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D594E269-D722-45FC-B390-B0D38ADEC923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CAA89D6-651A-4B8C-A134-C3A2CB84002A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"B930EAFB-F2E6-4FCA-A21B-022656396A2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B20EB5F-D12A-4267-9887-C39A188EB9AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"52347FDC-9983-4A64-8031-B4A50DDC9BBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"C95654B3-ACA0-4B0D-9F31-B9C5FB7B9C96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"8387A041-582A-4010-9C44-672090F41A72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1F2D335-CDDF-4D2E-80CA-F1A0AF92501A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F98D2BD-2AC1-4C4C-8A10-71093DCBC4E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDC09958-5286-4C16-AB6F-63B4BDD902B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDE1E9E9-85EF-4ACA-902B-00225EB4324F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0CDBFCB-42EA-4F19-A98D-7696B0D526CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"53DCFF2A-77A7-41DB-A712-9B6D1FD2574A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.4.2_17\",\"matchCriteriaId\":\"15D0F887-8AD6-42B1-8ED6-8E7135690270\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4E34FD-D927-42BB-8A16-031D77CB4B9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37A3D49A-BE20-47BF-A85F-122357BAB098\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F45DB5D3-7F35-4531-9A82-24EB50034787\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4695F707-12E8-4BA4-BBE1-C21CB7213A2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C918FB49-DA13-4326-BE86-6F6BEA4CE4E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5573CAD1-39D1-4ADB-BB95-EBB554B43B4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD02EBDF-6E51-4538-9EDD-B1DE914D09C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53C3C0E3-5F40-412B-A4AD-A7A291DE2A08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36888382-79C8-4C97-A654-C668CD68556F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F34C99E6-F9F0-4EF3-8601-B47EAE3D7273\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74DD08D-CEDB-460E-BED5-78F6CAF18BF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4F64FBC-DC97-4FE3-A235-18B87945AF7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85048406-9051-4E69-94A8-5C449F3B89E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1C88DD7-0B46-4405-BD35-60D27E2DBA14\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31010\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31055\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31497\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31600\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/32018\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/32179\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/32180\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/37386\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200911-02.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3178\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3179\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0594.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0595.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/497041/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/30141\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1020455\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-193A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0016.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2056/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2740\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/43659\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31497\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31600\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32180\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/37386\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200911-02.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT3178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT3179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0594.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0595.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/497041/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/30141\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1020455\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-193A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2056/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/43659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
ghsa-59rm-f3qj-r4jw
Vulnerability from github
Published
2022-05-01 23:56
Modified
2022-05-01 23:56
VLAI Severity ?
Details
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
{
"affected": [],
"aliases": [
"CVE-2008-3107"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-07-09T23:41:00Z",
"severity": "HIGH"
},
"details": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"id": "GHSA-59rm-f3qj-r4jw",
"modified": "2022-05-01T23:56:44Z",
"published": "2022-05-01T23:56:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31010"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31055"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31497"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31600"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32018"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32179"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32180"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/37386"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3178"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3179"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/30141"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1020455"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"type": "WEB",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2740"
}
],
"schema_version": "1.4.0",
"severity": []
}
rhsa-2008_0636
Vulnerability from csaf_redhat
Published
2008-08-13 14:18
Modified
2024-11-14 10:06
Summary
Red Hat Security Advisory: Red Hat Network Satellite Server Sun Java Runtime security update
Notes
Topic
Red Hat Network Satellite Server version 5.1.1 is now available. This
update includes fixes for a number of security issues in the Red Hat
Network Satellite Server Sun Java Runtime Environment.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
This release corrects several security vulnerabilities in the Sun Java
Runtime Environment shipped as part of Red Hat Network Satellite Server
5.1. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets.
Multiple flaws were fixed in the Sun Java 1.5.0 Runtime Environment.
(CVE-2008-3103, CVE-2008-3104, CVE-2008-3107, CVE-2008-3111, CVE-2008-3112,
CVE-2008-3113, CVE-2008-3114)
Users of Red Hat Network Satellite Server 5.1 are advised to upgrade to
5.1.1, which resolves these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Network Satellite Server version 5.1.1 is now available. This\nupdate includes fixes for a number of security issues in the Red Hat\nNetwork Satellite Server Sun Java Runtime Environment.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "This release corrects several security vulnerabilities in the Sun Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.1. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets.\n\nMultiple flaws were fixed in the Sun Java 1.5.0 Runtime Environment.\n(CVE-2008-3103, CVE-2008-3104, CVE-2008-3107, CVE-2008-3111, CVE-2008-3112,\nCVE-2008-3113, CVE-2008-3114)\n\nUsers of Red Hat Network Satellite Server 5.1 are advised to upgrade to\n5.1.1, which resolves these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0636",
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0636.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Network Satellite Server Sun Java Runtime security update",
"tracking": {
"current_release_date": "2024-11-14T10:06:19+00:00",
"generator": {
"date": "2024-11-14T10:06:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2008:0636",
"initial_release_date": "2008-08-13T14:18:00+00:00",
"revision_history": [
{
"date": "2008-08-13T14:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-13T10:18:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:06:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product": {
"name": "Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.1::el4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-RHNSAT5.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3111",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454605"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start Buffer overflow vulnerabilities (6557220)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3111"
},
{
"category": "external",
"summary": "RHBZ#454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start Buffer overflow vulnerabilities (6557220)"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3113",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454607"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3113"
},
{
"category": "external",
"summary": "RHBZ#454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
RHSA-2008:0636
Vulnerability from csaf_redhat
Published
2008-08-13 14:18
Modified
2025-09-26 03:07
Summary
Red Hat Security Advisory: Red Hat Network Satellite Server Sun Java Runtime security update
Notes
Topic
Red Hat Network Satellite Server version 5.1.1 is now available. This
update includes fixes for a number of security issues in the Red Hat
Network Satellite Server Sun Java Runtime Environment.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
This release corrects several security vulnerabilities in the Sun Java
Runtime Environment shipped as part of Red Hat Network Satellite Server
5.1. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets.
Multiple flaws were fixed in the Sun Java 1.5.0 Runtime Environment.
(CVE-2008-3103, CVE-2008-3104, CVE-2008-3107, CVE-2008-3111, CVE-2008-3112,
CVE-2008-3113, CVE-2008-3114)
Users of Red Hat Network Satellite Server 5.1 are advised to upgrade to
5.1.1, which resolves these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Network Satellite Server version 5.1.1 is now available. This\nupdate includes fixes for a number of security issues in the Red Hat\nNetwork Satellite Server Sun Java Runtime Environment.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "This release corrects several security vulnerabilities in the Sun Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.1. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets.\n\nMultiple flaws were fixed in the Sun Java 1.5.0 Runtime Environment.\n(CVE-2008-3103, CVE-2008-3104, CVE-2008-3107, CVE-2008-3111, CVE-2008-3112,\nCVE-2008-3113, CVE-2008-3114)\n\nUsers of Red Hat Network Satellite Server 5.1 are advised to upgrade to\n5.1.1, which resolves these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0636",
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0636.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Network Satellite Server Sun Java Runtime security update",
"tracking": {
"current_release_date": "2025-09-26T03:07:09+00:00",
"generator": {
"date": "2025-09-26T03:07:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2008:0636",
"initial_release_date": "2008-08-13T14:18:00+00:00",
"revision_history": [
{
"date": "2008-08-13T14:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-13T10:18:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-26T03:07:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product": {
"name": "Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.1::el4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-RHNSAT5.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3111",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454605"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start Buffer overflow vulnerabilities (6557220)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3111"
},
{
"category": "external",
"summary": "RHBZ#454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start Buffer overflow vulnerabilities (6557220)"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3113",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454607"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3113"
},
{
"category": "external",
"summary": "RHBZ#454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
RHSA-2008:0594
Vulnerability from csaf_redhat
Published
2008-07-14 15:32
Modified
2025-09-26 03:07
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
Updated java-1.6.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in the Java Management Extensions (JMX)
management agent, when local monitoring is enabled. This allowed remote
attackers to perform illegal operations. (CVE-2008-3103)
Multiple vulnerabilities with unsigned applets were reported. A remote
attacker could misuse an unsigned applet to connect to localhost services
running on the host running the applet. (CVE-2008-3104)
Several vulnerabilities in the Java API for XML Web Services (JAX-WS)
client and service implementation were found. A remote attacker who caused
malicious XML to be processed by a trusted or untrusted application was
able access URLs or cause a denial of service. (CVE-2008-3105, CVE-2008-3106)
A JRE vulnerability could be triggered by an untrusted application or
applet. A remote attacker could grant an untrusted applet or application
extended privileges such as being able to read and write local files, or
execute local programs. (CVE-2008-3107)
Several vulnerabilities within the JRE scripting support were reported. A
remote attacker could grant an untrusted applet extended privileges such as
reading and writing local files, executing local programs, or querying the
sensitive data of other applets. (CVE-2008-3109, CVE-2008-3110)
A vulnerability in Java Web Start was found. A remote attacker was able to
create arbitrary files with the permissions of the user running the
untrusted Java Web Start application. (CVE-2008-3112)
Another vulnerability in Java Web Start when processing untrusted
applications was reported. An attacker was able to acquire sensitive
information, such as the cache location. (CVE-2008-3114)
Users of java-1.6.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in the Java Management Extensions (JMX)\nmanagement agent, when local monitoring is enabled. This allowed remote\nattackers to perform illegal operations. (CVE-2008-3103)\n\nMultiple vulnerabilities with unsigned applets were reported. A remote\nattacker could misuse an unsigned applet to connect to localhost services\nrunning on the host running the applet. (CVE-2008-3104)\n\nSeveral vulnerabilities in the Java API for XML Web Services (JAX-WS)\nclient and service implementation were found. A remote attacker who caused\nmalicious XML to be processed by a trusted or untrusted application was\nable access URLs or cause a denial of service. (CVE-2008-3105, CVE-2008-3106)\n\nA JRE vulnerability could be triggered by an untrusted application or\napplet. A remote attacker could grant an untrusted applet or application\nextended privileges such as being able to read and write local files, or\nexecute local programs. (CVE-2008-3107)\n\nSeveral vulnerabilities within the JRE scripting support were reported. A\nremote attacker could grant an untrusted applet extended privileges such as\nreading and writing local files, executing local programs, or querying the\nsensitive data of other applets. (CVE-2008-3109, CVE-2008-3110)\n\nA vulnerability in Java Web Start was found. A remote attacker was able to\ncreate arbitrary files with the permissions of the user running the\nuntrusted Java Web Start application. (CVE-2008-3112)\n\nAnother vulnerability in Java Web Start when processing untrusted\napplications was reported. An attacker was able to acquire sensitive\ninformation, such as the cache location. (CVE-2008-3114)\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0594",
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "452649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452649"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454603"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0594.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-sun security update",
"tracking": {
"current_release_date": "2025-09-26T03:07:08+00:00",
"generator": {
"date": "2025-09-26T03:07:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2008:0594",
"initial_release_date": "2008-07-14T15:32:00+00:00",
"revision_history": [
{
"date": "2008-07-14T15:32:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-07-14T11:32:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-26T03:07:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3105",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452649"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving \"processing of XML data\" by a trusted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JAX-WS unauthorized URL access (6542088)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3105"
},
{
"category": "external",
"summary": "RHBZ#452649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3105"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JAX-WS unauthorized URL access (6542088)"
},
{
"cve": "CVE-2008-3106",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618330"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3106"
},
{
"category": "external",
"summary": "RHBZ#1618330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3106",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3106"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3109",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454603"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3109"
},
{
"category": "external",
"summary": "RHBZ#454603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454603"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3109"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3109",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3109"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)"
},
{
"cve": "CVE-2008-3110",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618331"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3110"
},
{
"category": "external",
"summary": "RHBZ#1618331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618331"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3110"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3110",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3110"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
rhsa-2008:0594
Vulnerability from csaf_redhat
Published
2008-07-14 15:32
Modified
2025-09-26 03:07
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
Updated java-1.6.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in the Java Management Extensions (JMX)
management agent, when local monitoring is enabled. This allowed remote
attackers to perform illegal operations. (CVE-2008-3103)
Multiple vulnerabilities with unsigned applets were reported. A remote
attacker could misuse an unsigned applet to connect to localhost services
running on the host running the applet. (CVE-2008-3104)
Several vulnerabilities in the Java API for XML Web Services (JAX-WS)
client and service implementation were found. A remote attacker who caused
malicious XML to be processed by a trusted or untrusted application was
able access URLs or cause a denial of service. (CVE-2008-3105, CVE-2008-3106)
A JRE vulnerability could be triggered by an untrusted application or
applet. A remote attacker could grant an untrusted applet or application
extended privileges such as being able to read and write local files, or
execute local programs. (CVE-2008-3107)
Several vulnerabilities within the JRE scripting support were reported. A
remote attacker could grant an untrusted applet extended privileges such as
reading and writing local files, executing local programs, or querying the
sensitive data of other applets. (CVE-2008-3109, CVE-2008-3110)
A vulnerability in Java Web Start was found. A remote attacker was able to
create arbitrary files with the permissions of the user running the
untrusted Java Web Start application. (CVE-2008-3112)
Another vulnerability in Java Web Start when processing untrusted
applications was reported. An attacker was able to acquire sensitive
information, such as the cache location. (CVE-2008-3114)
Users of java-1.6.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in the Java Management Extensions (JMX)\nmanagement agent, when local monitoring is enabled. This allowed remote\nattackers to perform illegal operations. (CVE-2008-3103)\n\nMultiple vulnerabilities with unsigned applets were reported. A remote\nattacker could misuse an unsigned applet to connect to localhost services\nrunning on the host running the applet. (CVE-2008-3104)\n\nSeveral vulnerabilities in the Java API for XML Web Services (JAX-WS)\nclient and service implementation were found. A remote attacker who caused\nmalicious XML to be processed by a trusted or untrusted application was\nable access URLs or cause a denial of service. (CVE-2008-3105, CVE-2008-3106)\n\nA JRE vulnerability could be triggered by an untrusted application or\napplet. A remote attacker could grant an untrusted applet or application\nextended privileges such as being able to read and write local files, or\nexecute local programs. (CVE-2008-3107)\n\nSeveral vulnerabilities within the JRE scripting support were reported. A\nremote attacker could grant an untrusted applet extended privileges such as\nreading and writing local files, executing local programs, or querying the\nsensitive data of other applets. (CVE-2008-3109, CVE-2008-3110)\n\nA vulnerability in Java Web Start was found. A remote attacker was able to\ncreate arbitrary files with the permissions of the user running the\nuntrusted Java Web Start application. (CVE-2008-3112)\n\nAnother vulnerability in Java Web Start when processing untrusted\napplications was reported. An attacker was able to acquire sensitive\ninformation, such as the cache location. (CVE-2008-3114)\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0594",
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "452649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452649"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454603"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0594.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-sun security update",
"tracking": {
"current_release_date": "2025-09-26T03:07:08+00:00",
"generator": {
"date": "2025-09-26T03:07:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2008:0594",
"initial_release_date": "2008-07-14T15:32:00+00:00",
"revision_history": [
{
"date": "2008-07-14T15:32:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-07-14T11:32:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-26T03:07:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3105",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452649"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving \"processing of XML data\" by a trusted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JAX-WS unauthorized URL access (6542088)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3105"
},
{
"category": "external",
"summary": "RHBZ#452649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3105"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JAX-WS unauthorized URL access (6542088)"
},
{
"cve": "CVE-2008-3106",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618330"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3106"
},
{
"category": "external",
"summary": "RHBZ#1618330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3106",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3106"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3109",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454603"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3109"
},
{
"category": "external",
"summary": "RHBZ#454603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454603"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3109"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3109",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3109"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)"
},
{
"cve": "CVE-2008-3110",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618331"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3110"
},
{
"category": "external",
"summary": "RHBZ#1618331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618331"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3110"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3110",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3110"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
rhsa-2008_0594
Vulnerability from csaf_redhat
Published
2008-07-14 15:32
Modified
2024-11-14 10:06
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
Updated java-1.6.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in the Java Management Extensions (JMX)
management agent, when local monitoring is enabled. This allowed remote
attackers to perform illegal operations. (CVE-2008-3103)
Multiple vulnerabilities with unsigned applets were reported. A remote
attacker could misuse an unsigned applet to connect to localhost services
running on the host running the applet. (CVE-2008-3104)
Several vulnerabilities in the Java API for XML Web Services (JAX-WS)
client and service implementation were found. A remote attacker who caused
malicious XML to be processed by a trusted or untrusted application was
able access URLs or cause a denial of service. (CVE-2008-3105, CVE-2008-3106)
A JRE vulnerability could be triggered by an untrusted application or
applet. A remote attacker could grant an untrusted applet or application
extended privileges such as being able to read and write local files, or
execute local programs. (CVE-2008-3107)
Several vulnerabilities within the JRE scripting support were reported. A
remote attacker could grant an untrusted applet extended privileges such as
reading and writing local files, executing local programs, or querying the
sensitive data of other applets. (CVE-2008-3109, CVE-2008-3110)
A vulnerability in Java Web Start was found. A remote attacker was able to
create arbitrary files with the permissions of the user running the
untrusted Java Web Start application. (CVE-2008-3112)
Another vulnerability in Java Web Start when processing untrusted
applications was reported. An attacker was able to acquire sensitive
information, such as the cache location. (CVE-2008-3114)
Users of java-1.6.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in the Java Management Extensions (JMX)\nmanagement agent, when local monitoring is enabled. This allowed remote\nattackers to perform illegal operations. (CVE-2008-3103)\n\nMultiple vulnerabilities with unsigned applets were reported. A remote\nattacker could misuse an unsigned applet to connect to localhost services\nrunning on the host running the applet. (CVE-2008-3104)\n\nSeveral vulnerabilities in the Java API for XML Web Services (JAX-WS)\nclient and service implementation were found. A remote attacker who caused\nmalicious XML to be processed by a trusted or untrusted application was\nable access URLs or cause a denial of service. (CVE-2008-3105, CVE-2008-3106)\n\nA JRE vulnerability could be triggered by an untrusted application or\napplet. A remote attacker could grant an untrusted applet or application\nextended privileges such as being able to read and write local files, or\nexecute local programs. (CVE-2008-3107)\n\nSeveral vulnerabilities within the JRE scripting support were reported. A\nremote attacker could grant an untrusted applet extended privileges such as\nreading and writing local files, executing local programs, or querying the\nsensitive data of other applets. (CVE-2008-3109, CVE-2008-3110)\n\nA vulnerability in Java Web Start was found. A remote attacker was able to\ncreate arbitrary files with the permissions of the user running the\nuntrusted Java Web Start application. (CVE-2008-3112)\n\nAnother vulnerability in Java Web Start when processing untrusted\napplications was reported. An attacker was able to acquire sensitive\ninformation, such as the cache location. (CVE-2008-3114)\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0594",
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "452649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452649"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454603"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0594.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-sun security update",
"tracking": {
"current_release_date": "2024-11-14T10:06:35+00:00",
"generator": {
"date": "2024-11-14T10:06:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2008:0594",
"initial_release_date": "2008-07-14T15:32:00+00:00",
"revision_history": [
{
"date": "2008-07-14T15:32:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-07-14T11:32:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:06:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.2.el4?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.7-1jpp.2.el4?arch=i586\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3105",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452649"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving \"processing of XML data\" by a trusted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JAX-WS unauthorized URL access (6542088)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3105"
},
{
"category": "external",
"summary": "RHBZ#452649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3105"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JAX-WS unauthorized URL access (6542088)"
},
{
"cve": "CVE-2008-3106",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618330"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3106"
},
{
"category": "external",
"summary": "RHBZ#1618330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3106",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3106"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3109",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454603"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3109"
},
{
"category": "external",
"summary": "RHBZ#454603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454603"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3109"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3109",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3109"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)"
},
{
"cve": "CVE-2008-3110",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618331"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3110"
},
{
"category": "external",
"summary": "RHBZ#1618331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618331"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3110"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3110",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3110"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:32:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.7-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.7-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.7-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0594"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
rhsa-2008:0595
Vulnerability from csaf_redhat
Published
2008-07-14 15:37
Modified
2025-09-26 03:07
Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Notes
Topic
Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in the Java Management Extensions (JMX)
management agent, when local monitoring is enabled. This allowed remote
attackers to perform illegal operations. (CVE-2008-3103)
Multiple vulnerabilities with unsigned applets were reported. A remote
attacker could misuse an unsigned applet to connect to localhost services
running on the host running the applet. (CVE-2008-3104)
A Java Runtime Environment (JRE) vulnerability could be triggered by an
untrusted application or applet. A remote attacker could grant an untrusted
applet extended privileges such as reading and writing local files, or
executing local programs. (CVE-2008-3107)
Several buffer overflow vulnerabilities in Java Web Start were reported.
These vulnerabilities may allow an untrusted Java Web Start application to
elevate its privileges and thereby grant itself permission to read and/or
write local files, as well as to execute local applications accessible to
the user running the untrusted application. (CVE-2008-3111)
Two file processing vulnerabilities in Java Web Start were found. A remote
attacker, by means of an untrusted Java Web Start application, was able to
create or delete arbitrary files with the permissions of the user running
the untrusted application. (CVE-2008-3112, CVE-2008-3113)
A vulnerability in Java Web Start when processing untrusted applications
was reported. An attacker was able to acquire sensitive information, such
as the cache location. (CVE-2008-3114)
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in the Java Management Extensions (JMX)\nmanagement agent, when local monitoring is enabled. This allowed remote\nattackers to perform illegal operations. (CVE-2008-3103)\n\nMultiple vulnerabilities with unsigned applets were reported. A remote\nattacker could misuse an unsigned applet to connect to localhost services\nrunning on the host running the applet. (CVE-2008-3104)\n\nA Java Runtime Environment (JRE) vulnerability could be triggered by an\nuntrusted application or applet. A remote attacker could grant an untrusted\napplet extended privileges such as reading and writing local files, or\nexecuting local programs. (CVE-2008-3107)\n\nSeveral buffer overflow vulnerabilities in Java Web Start were reported.\nThese vulnerabilities may allow an untrusted Java Web Start application to\nelevate its privileges and thereby grant itself permission to read and/or\nwrite local files, as well as to execute local applications accessible to\nthe user running the untrusted application. (CVE-2008-3111)\n\nTwo file processing vulnerabilities in Java Web Start were found. A remote\nattacker, by means of an untrusted Java Web Start application, was able to\ncreate or delete arbitrary files with the permissions of the user running\nthe untrusted application. (CVE-2008-3112, CVE-2008-3113)\n\nA vulnerability in Java Web Start when processing untrusted applications\nwas reported. An attacker was able to acquire sensitive information, such\nas the cache location. (CVE-2008-3114) \n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0595",
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0595.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2025-09-26T03:07:08+00:00",
"generator": {
"date": "2025-09-26T03:07:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2008:0595",
"initial_release_date": "2008-07-14T15:37:00+00:00",
"revision_history": [
{
"date": "2008-07-14T15:37:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-07-14T11:37:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-26T03:07:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3111",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454605"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start Buffer overflow vulnerabilities (6557220)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3111"
},
{
"category": "external",
"summary": "RHBZ#454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start Buffer overflow vulnerabilities (6557220)"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3113",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454607"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3113"
},
{
"category": "external",
"summary": "RHBZ#454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
rhsa-2008:0636
Vulnerability from csaf_redhat
Published
2008-08-13 14:18
Modified
2025-09-26 03:07
Summary
Red Hat Security Advisory: Red Hat Network Satellite Server Sun Java Runtime security update
Notes
Topic
Red Hat Network Satellite Server version 5.1.1 is now available. This
update includes fixes for a number of security issues in the Red Hat
Network Satellite Server Sun Java Runtime Environment.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
This release corrects several security vulnerabilities in the Sun Java
Runtime Environment shipped as part of Red Hat Network Satellite Server
5.1. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets.
Multiple flaws were fixed in the Sun Java 1.5.0 Runtime Environment.
(CVE-2008-3103, CVE-2008-3104, CVE-2008-3107, CVE-2008-3111, CVE-2008-3112,
CVE-2008-3113, CVE-2008-3114)
Users of Red Hat Network Satellite Server 5.1 are advised to upgrade to
5.1.1, which resolves these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Network Satellite Server version 5.1.1 is now available. This\nupdate includes fixes for a number of security issues in the Red Hat\nNetwork Satellite Server Sun Java Runtime Environment.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "This release corrects several security vulnerabilities in the Sun Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.1. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets.\n\nMultiple flaws were fixed in the Sun Java 1.5.0 Runtime Environment.\n(CVE-2008-3103, CVE-2008-3104, CVE-2008-3107, CVE-2008-3111, CVE-2008-3112,\nCVE-2008-3113, CVE-2008-3114)\n\nUsers of Red Hat Network Satellite Server 5.1 are advised to upgrade to\n5.1.1, which resolves these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0636",
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0636.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Network Satellite Server Sun Java Runtime security update",
"tracking": {
"current_release_date": "2025-09-26T03:07:09+00:00",
"generator": {
"date": "2025-09-26T03:07:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2008:0636",
"initial_release_date": "2008-08-13T14:18:00+00:00",
"revision_history": [
{
"date": "2008-08-13T14:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-13T10:18:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-26T03:07:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product": {
"name": "Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.1::el4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-RHNSAT5.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3111",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454605"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start Buffer overflow vulnerabilities (6557220)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3111"
},
{
"category": "external",
"summary": "RHBZ#454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start Buffer overflow vulnerabilities (6557220)"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3113",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454607"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3113"
},
{
"category": "external",
"summary": "RHBZ#454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:18:00+00:00",
"details": "This update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-RHNSAT5.1:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0636"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
rhsa-2008_0595
Vulnerability from csaf_redhat
Published
2008-07-14 15:37
Modified
2024-11-14 10:06
Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Notes
Topic
Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in the Java Management Extensions (JMX)
management agent, when local monitoring is enabled. This allowed remote
attackers to perform illegal operations. (CVE-2008-3103)
Multiple vulnerabilities with unsigned applets were reported. A remote
attacker could misuse an unsigned applet to connect to localhost services
running on the host running the applet. (CVE-2008-3104)
A Java Runtime Environment (JRE) vulnerability could be triggered by an
untrusted application or applet. A remote attacker could grant an untrusted
applet extended privileges such as reading and writing local files, or
executing local programs. (CVE-2008-3107)
Several buffer overflow vulnerabilities in Java Web Start were reported.
These vulnerabilities may allow an untrusted Java Web Start application to
elevate its privileges and thereby grant itself permission to read and/or
write local files, as well as to execute local applications accessible to
the user running the untrusted application. (CVE-2008-3111)
Two file processing vulnerabilities in Java Web Start were found. A remote
attacker, by means of an untrusted Java Web Start application, was able to
create or delete arbitrary files with the permissions of the user running
the untrusted application. (CVE-2008-3112, CVE-2008-3113)
A vulnerability in Java Web Start when processing untrusted applications
was reported. An attacker was able to acquire sensitive information, such
as the cache location. (CVE-2008-3114)
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in the Java Management Extensions (JMX)\nmanagement agent, when local monitoring is enabled. This allowed remote\nattackers to perform illegal operations. (CVE-2008-3103)\n\nMultiple vulnerabilities with unsigned applets were reported. A remote\nattacker could misuse an unsigned applet to connect to localhost services\nrunning on the host running the applet. (CVE-2008-3104)\n\nA Java Runtime Environment (JRE) vulnerability could be triggered by an\nuntrusted application or applet. A remote attacker could grant an untrusted\napplet extended privileges such as reading and writing local files, or\nexecuting local programs. (CVE-2008-3107)\n\nSeveral buffer overflow vulnerabilities in Java Web Start were reported.\nThese vulnerabilities may allow an untrusted Java Web Start application to\nelevate its privileges and thereby grant itself permission to read and/or\nwrite local files, as well as to execute local applications accessible to\nthe user running the untrusted application. (CVE-2008-3111)\n\nTwo file processing vulnerabilities in Java Web Start were found. A remote\nattacker, by means of an untrusted Java Web Start application, was able to\ncreate or delete arbitrary files with the permissions of the user running\nthe untrusted application. (CVE-2008-3112, CVE-2008-3113)\n\nA vulnerability in Java Web Start when processing untrusted applications\nwas reported. An attacker was able to acquire sensitive information, such\nas the cache location. (CVE-2008-3114) \n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0595",
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0595.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2024-11-14T10:06:39+00:00",
"generator": {
"date": "2024-11-14T10:06:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2008:0595",
"initial_release_date": "2008-07-14T15:37:00+00:00",
"revision_history": [
{
"date": "2008-07-14T15:37:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-07-14T11:37:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:06:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3111",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454605"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start Buffer overflow vulnerabilities (6557220)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3111"
},
{
"category": "external",
"summary": "RHBZ#454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start Buffer overflow vulnerabilities (6557220)"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3113",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454607"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3113"
},
{
"category": "external",
"summary": "RHBZ#454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
RHSA-2008:0595
Vulnerability from csaf_redhat
Published
2008-07-14 15:37
Modified
2025-09-26 03:07
Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Notes
Topic
Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in the Java Management Extensions (JMX)
management agent, when local monitoring is enabled. This allowed remote
attackers to perform illegal operations. (CVE-2008-3103)
Multiple vulnerabilities with unsigned applets were reported. A remote
attacker could misuse an unsigned applet to connect to localhost services
running on the host running the applet. (CVE-2008-3104)
A Java Runtime Environment (JRE) vulnerability could be triggered by an
untrusted application or applet. A remote attacker could grant an untrusted
applet extended privileges such as reading and writing local files, or
executing local programs. (CVE-2008-3107)
Several buffer overflow vulnerabilities in Java Web Start were reported.
These vulnerabilities may allow an untrusted Java Web Start application to
elevate its privileges and thereby grant itself permission to read and/or
write local files, as well as to execute local applications accessible to
the user running the untrusted application. (CVE-2008-3111)
Two file processing vulnerabilities in Java Web Start were found. A remote
attacker, by means of an untrusted Java Web Start application, was able to
create or delete arbitrary files with the permissions of the user running
the untrusted application. (CVE-2008-3112, CVE-2008-3113)
A vulnerability in Java Web Start when processing untrusted applications
was reported. An attacker was able to acquire sensitive information, such
as the cache location. (CVE-2008-3114)
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in the Java Management Extensions (JMX)\nmanagement agent, when local monitoring is enabled. This allowed remote\nattackers to perform illegal operations. (CVE-2008-3103)\n\nMultiple vulnerabilities with unsigned applets were reported. A remote\nattacker could misuse an unsigned applet to connect to localhost services\nrunning on the host running the applet. (CVE-2008-3104)\n\nA Java Runtime Environment (JRE) vulnerability could be triggered by an\nuntrusted application or applet. A remote attacker could grant an untrusted\napplet extended privileges such as reading and writing local files, or\nexecuting local programs. (CVE-2008-3107)\n\nSeveral buffer overflow vulnerabilities in Java Web Start were reported.\nThese vulnerabilities may allow an untrusted Java Web Start application to\nelevate its privileges and thereby grant itself permission to read and/or\nwrite local files, as well as to execute local applications accessible to\nthe user running the untrusted application. (CVE-2008-3111)\n\nTwo file processing vulnerabilities in Java Web Start were found. A remote\nattacker, by means of an untrusted Java Web Start application, was able to\ncreate or delete arbitrary files with the permissions of the user running\nthe untrusted application. (CVE-2008-3112, CVE-2008-3113)\n\nA vulnerability in Java Web Start when processing untrusted applications\nwas reported. An attacker was able to acquire sensitive information, such\nas the cache location. (CVE-2008-3114) \n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0595",
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0595.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2025-09-26T03:07:08+00:00",
"generator": {
"date": "2025-09-26T03:07:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2008:0595",
"initial_release_date": "2008-07-14T15:37:00+00:00",
"revision_history": [
{
"date": "2008-07-14T15:37:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-07-14T11:37:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-26T03:07:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.16-1jpp.2.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3103",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452659"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JMX allows illegal operations with local monitoring (6332953)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3103"
},
{
"category": "external",
"summary": "RHBZ#452659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3103"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK JMX allows illegal operations with local monitoring (6332953)"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3107",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "452658"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK untrusted applet/application privilege escalation (6661918)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3107"
},
{
"category": "external",
"summary": "RHBZ#452658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3107"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK untrusted applet/application privilege escalation (6661918)"
},
{
"cve": "CVE-2008-3111",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454605"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start Buffer overflow vulnerabilities (6557220)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3111"
},
{
"category": "external",
"summary": "RHBZ#454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start Buffer overflow vulnerabilities (6557220)"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3113",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454607"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3113"
},
{
"category": "external",
"summary": "RHBZ#454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-07-14T15:37:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.16-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.16-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0595"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
CERTA-2008-AVI-476
Vulnerability from certfr_avis
De nombreuses vulnérabilités affectant le moteur Java pour Mac OS X peuvent être exploitées afin de provoquer un déni de service, d'exécuter du code arbitraire, de contourner la politique de sécurité et d'accéder à des données sensibles sur un système vulnérable.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Java pour Mac OS X 10.5.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Java pour Mac OS X 10.4 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-1190",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1190"
},
{
"name": "CVE-2008-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1188"
},
{
"name": "CVE-2008-1193",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1193"
},
{
"name": "CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"name": "CVE-2008-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1189"
},
{
"name": "CVE-2008-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3115"
},
{
"name": "CVE-2008-1191",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1191"
},
{
"name": "CVE-2008-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3638"
},
{
"name": "CVE-2008-3637",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3637"
},
{
"name": "CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"name": "CVE-2008-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3108"
},
{
"name": "CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"name": "CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"name": "CVE-2008-3150",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3150"
},
{
"name": "CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"name": "CVE-2008-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3110"
},
{
"name": "CVE-2008-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1195"
},
{
"name": "CVE-2008-1187",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1187"
},
{
"name": "CVE-2008-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3109"
},
{
"name": "CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"name": "CVE-2008-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1192"
},
{
"name": "CVE-2008-1185",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1185"
},
{
"name": "CVE-2008-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1196"
},
{
"name": "CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"name": "CVE-2008-1186",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1186"
},
{
"name": "CVE-2008-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1194"
},
{
"name": "CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"name": "CVE-2008-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3105"
}
],
"initial_release_date": "2008-09-30T00:00:00",
"last_revision_date": "2008-09-30T00:00:00",
"links": [
{
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008 :",
"url": "http://support.apple.com/kb/HT3179"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008 :",
"url": "http://support.apple.com/kb/HT3178"
}
],
"reference": "CERTA-2008-AVI-476",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-09-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De nombreuses vuln\u00e9rabilit\u00e9s affectant le moteur Java pour Mac OS X\npeuvent \u00eatre exploit\u00e9es afin de provoquer un d\u00e9ni de service, d\u0027ex\u00e9cuter\ndu code arbitraire, de contourner la politique de s\u00e9curit\u00e9 et d\u0027acc\u00e9der\n\u00e0 des donn\u00e9es sensibles sur un syst\u00e8me vuln\u00e9rable.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X Java",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008",
"url": null
}
]
}
CERTA-2008-AVI-483
Vulnerability from certfr_avis
Plusieurs vulnérabilités ont été identifiées dans les systèmes de virtualisation VMware. L'exploitation de ces dernières peut conduire à une élévation de privilèges à partir d'un système invité (64-bit) ou à l'apparition en clair du mot de passe de l'utilisateur se connectant à VirtualCenter. D'autres vulnérabilités permettent de contourner la politique de sécurité mise en place.
Description
Plusieurs vulnérabilités ont été identifiées dans les systèmes de virtualisation VMware :
- le mot de passe utilisateur peut apparaître en clair au cours de la connexion au serveur VirtualCenter ;
- plusieurs vulnérabilités Sun Java JDK / JRE peuvent être exploitées pour perturber le fonctionnement du système ou contourner certaines restrictions de sécurité ;
- certaines instructions x64 ne sont pas émulées correctement. Cette vulnérabilité peut être exploitée par un utilisateur sur un système « invité » pour élever ses privilèges (cf. l'avis CERTA-2008-AVI-445).
Solution
Se référer au bulletin de sécurité de VMware pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | N/A | VMware ACE pour la version 1.0.6 ainsi que celles antérieures ; | ||
| VMware | N/A | VMware VirtualCenter 2.5 pour les versions antérieures à Update 3 build 119838 ; | ||
| VMware | N/A | VMware ESX 3.0.1 sans le correctif ESX-1006678. | ||
| VMware | N/A | VMware ESX 3.0.3 sans le correctif ESX303-200809401-SG ; | ||
| VMware | N/A | VMware ESX 3.5 sans le correctif ESX350-200809404-SG ; | ||
| VMware | N/A | VMware ACE pour la version 2.0.4 ainsi que celles antérieures ; | ||
| VMware | N/A | VMware Player pour la version 1.0.7 ainsi que celles antérieures ; | ||
| VMware | N/A | VMware Player pour la version 2.0.4 ainsi que celles antérieures ; | ||
| VMware | N/A | VMware ESX 3.0.2 sans le correctif ESX-1006361 ; | ||
| VMware | N/A | VMware Server pour la version 1.0.6 ainsi que celles antérieures ; | ||
| VMware | N/A | VMware Workstation pour la version 5.5.7 ainsi que celles antérieures ; | ||
| VMware | N/A | VMware Workstation pour la version 6.0.4 ainsi que celles antérieures ; | ||
| VMware | ESXi | VMware ESXi 3.5 sans le correctif ESXe350-200809401-I-SG ; |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMware ACE pour la version 1.0.6 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware VirtualCenter 2.5 pour les versions ant\u00e9rieures \u00e0 Update 3 build 119838 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 3.0.1 sans le correctif ESX-1006678.",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 3.0.3 sans le correctif ESX303-200809401-SG ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 3.5 sans le correctif ESX350-200809404-SG ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ACE pour la version 2.0.4 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Player pour la version 1.0.7 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Player pour la version 2.0.4 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 3.0.2 sans le correctif ESX-1006361 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Server pour la version 1.0.6 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Workstation pour la version 5.5.7 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Workstation pour la version 6.0.4 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESXi 3.5 sans le correctif ESXe350-200809401-I-SG ;",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les syst\u00e8mes de\nvirtualisation VMware :\n\n- le mot de passe utilisateur peut appara\u00eetre en clair au cours de la\n connexion au serveur VirtualCenter ;\n- plusieurs vuln\u00e9rabilit\u00e9s Sun Java JDK / JRE peuvent \u00eatre exploit\u00e9es\n pour perturber le fonctionnement du syst\u00e8me ou contourner certaines\n restrictions de s\u00e9curit\u00e9 ;\n- certaines instructions x64 ne sont pas \u00e9mul\u00e9es correctement. Cette\n vuln\u00e9rabilit\u00e9 peut \u00eatre exploit\u00e9e par un utilisateur sur un syst\u00e8me\n \u00ab invit\u00e9 \u00bb pour \u00e9lever ses privil\u00e8ges (cf. l\u0027avis\n CERTA-2008-AVI-445).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de VMware pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"name": "CVE-2008-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3115"
},
{
"name": "CVE-2008-4279",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4279"
},
{
"name": "CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"name": "CVE-2008-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3108"
},
{
"name": "CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"name": "CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"name": "CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"name": "CVE-2008-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3110"
},
{
"name": "CVE-2008-4278",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4278"
},
{
"name": "CVE-2008-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3109"
},
{
"name": "CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"name": "CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"name": "CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"name": "CVE-2008-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3105"
}
],
"initial_release_date": "2008-10-06T00:00:00",
"last_revision_date": "2008-10-06T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2008-0016 du 03 octobre 2008\u00a0:",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
}
],
"reference": "CERTA-2008-AVI-483",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-10-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les syst\u00e8mes de\nvirtualisation VMware. L\u0027exploitation de ces derni\u00e8res peut conduire \u00e0\nune \u00e9l\u00e9vation de privil\u00e8ges \u00e0 partir d\u0027un syst\u00e8me invit\u00e9 (64-bit) ou \u00e0\nl\u0027apparition en clair du mot de passe de l\u0027utilisateur se connectant \u00e0\nVirtualCenter. D\u0027autres vuln\u00e9rabilit\u00e9s permettent de contourner la\npolitique de s\u00e9curit\u00e9 mise en place.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans des produits VMware",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 VMware VMSA-2008-0016 du 03 octobre 2008",
"url": null
}
]
}
CERTA-2008-AVI-366
Vulnerability from certfr_avis
None
Description
Plusieurs vulnérabilités découvertes dans la machine virtuelle Java de Sun permettent à un utilisateur distant malintentionné de contourner la politique de sécurité, de porter atteinte à la confidentialité et/ou à l'intégrité des données, de provoquer un déni de service, d'éléver ses privilèges ou d'exécuter du code.
Solution
Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Sun Java JRE 1.4.x ; | ||
| N/A | N/A | Sun Java JRE 1.5.x ; | ||
| Centreon | Web | Java Web Start 1.x ; | ||
| N/A | N/A | Sun Java SDK 1.3.x ; | ||
| N/A | N/A | Sun Java JRE 6.x ; | ||
| N/A | N/A | Sun Java SDK 1.4.x. | ||
| Centreon | Web | Java Web Start 3.x ; | ||
| Centreon | N/A | Sun Java JDK 1.6.x ; | ||
| Centreon | N/A | Sun Java JRE 5.x ; | ||
| Centreon | Web | Java Web Start 2.x ; | ||
| Centreon | N/A | Sun Java JRE 1.6.x ; | ||
| Centreon | N/A | Sun Java JRE 1.3.x ; | ||
| Centreon | N/A | Sun Java JDK 1.5.x ; |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sun Java JRE 1.4.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Sun Java JRE 1.5.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Java Web Start 1.x ;",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Sun Java SDK 1.3.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Sun Java JRE 6.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Sun Java SDK 1.4.x.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Java Web Start 3.x ;",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Sun Java JDK 1.6.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Sun Java JRE 5.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Java Web Start 2.x ;",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Sun Java JRE 1.6.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Sun Java JRE 1.3.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Sun Java JDK 1.5.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans la machine virtuelle Java de\nSun permettent \u00e0 un utilisateur distant malintentionn\u00e9 de contourner la\npolitique de s\u00e9curit\u00e9, de porter atteinte \u00e0 la confidentialit\u00e9 et/ou \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es, de provoquer un d\u00e9ni de service, d\u0027\u00e9l\u00e9ver ses\nprivil\u00e8ges ou d\u0027ex\u00e9cuter du code.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"name": "CVE-2008-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3115"
},
{
"name": "CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"name": "CVE-2008-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3108"
},
{
"name": "CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"name": "CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"name": "CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"name": "CVE-2008-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3110"
},
{
"name": "CVE-2008-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3109"
},
{
"name": "CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"name": "CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"name": "CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"name": "CVE-2008-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3105"
}
],
"initial_release_date": "2008-07-11T00:00:00",
"last_revision_date": "2008-12-23T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE-SA:2008:043 du 04 septembre 2008 :",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun #238905 du 08 juillet 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:1043 du 18 d\u00e9cembre 2008\u00a0:",
"url": "https://rhn.redhat.com/errata/RHSA-2008-1043.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun #238967 du 08 juillet 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE-SA:2008:042 du 25 ao\u00fbt 2008 :",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun #238628 du 08 juillet 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun #238687 du 08 juillet 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238687-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun #238968 du 08 juillet 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun #238966 du 08 juillet 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238966-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:0906 du 24 octobre 2008\u00a0:",
"url": "https://rhn.redhat.com/errata/RHSA-2008-0906.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:0955 du 25 novembre 2008\u00a0:",
"url": "https://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:1044 du 18 d\u00e9cembre 2008\u00a0:",
"url": "https://rhn.redhat.com/errata/RHSA-2008-1044.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:0790 du 31 juillet 2008 :",
"url": "https://rhn.redhat.com/errata/RHSA-2008-0790.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:0595 du 14 juillet 2008 :",
"url": "https://rhn.redhat.com/errata/RHSA-2008-0595.html"
},
{
"title": "Bulletin de r\u00e9sum\u00e9 de s\u00e9curit\u00e9 SUSE-SR:2008:028 du 16 d\u00e9cembre 2008\u00a0:",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun #238666 du 08 juillet 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:1045 du 18 d\u00e9cembre 2008\u00a0:",
"url": "https://rhn.redhat.com/errata/RHSA-2008-1045.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun #238965 du 08 juillet 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238965-1"
}
],
"reference": "CERTA-2008-AVI-366",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-07-11T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins SuSE et Red Hat.",
"revision_date": "2008-09-18T00:00:00.000000"
},
{
"description": "ajout de nouvelles r\u00e9f\u00e9rences Red Hat.",
"revision_date": "2008-12-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": null,
"title": "Multiples vuln\u00e9rabilit\u00e9s dans la machine virtuelle Java de Sun",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 08 juillet 2008",
"url": null
}
]
}
fkie_cve-2008-3107
Vulnerability from fkie_nvd
Published
2008-07-09 23:41
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=122331139823057&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/31010 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31055 | ||
| cve@mitre.org | http://secunia.com/advisories/31497 | ||
| cve@mitre.org | http://secunia.com/advisories/31600 | ||
| cve@mitre.org | http://secunia.com/advisories/32018 | ||
| cve@mitre.org | http://secunia.com/advisories/32179 | ||
| cve@mitre.org | http://secunia.com/advisories/32180 | ||
| cve@mitre.org | http://secunia.com/advisories/37386 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200911-02.xml | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3178 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3179 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0594.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0595.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/497041/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/30141 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1020455 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA08-193A.html | US Government Resource | |
| cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2008-0016.html | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2056/references | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2740 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/43659 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=122331139823057&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31010 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31055 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31497 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31600 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32018 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32179 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32180 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37386 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200911-02.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3178 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3179 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0594.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0595.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/497041/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30141 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1020455 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA08-193A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2008-0016.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2056/references | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2740 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/43659 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | jdk | * | |
| sun | jdk | * | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 5.0 | |
| sun | jdk | 6 | |
| sun | jdk | 6 | |
| sun | jdk | 6 | |
| sun | jdk | 6 | |
| sun | jdk | 6 | |
| sun | jre | * | |
| sun | jre | * | |
| sun | jre | * | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_01 | |
| sun | jre | 1.4.2_02 | |
| sun | jre | 1.4.2_03 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_04 | |
| sun | jre | 1.4.2_05 | |
| sun | jre | 1.4.2_06 | |
| sun | jre | 1.4.2_07 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.4.2_13 | |
| sun | jre | 1.4.2_14 | |
| sun | jre | 1.4.2_15 | |
| sun | jre | 1.4.2_16 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 5.0 | |
| sun | jre | 6 | |
| sun | jre | 6 | |
| sun | jre | 6 | |
| sun | jre | 6 | |
| sun | jre | 6 | |
| sun | sdk | * | |
| sun | sdk | 1.4.2_02 | |
| sun | sdk | 1.4.2_03 | |
| sun | sdk | 1.4.2_04 | |
| sun | sdk | 1.4.2_05 | |
| sun | sdk | 1.4.2_06 | |
| sun | sdk | 1.4.2_07 | |
| sun | sdk | 1.4.2_08 | |
| sun | sdk | 1.4.2_09 | |
| sun | sdk | 1.4.2_10 | |
| sun | sdk | 1.4.2_11 | |
| sun | sdk | 1.4.2_12 | |
| sun | sdk | 1.4.2_13 | |
| sun | sdk | 1.4.2_14 | |
| sun | sdk | 1.4.2_15 | |
| sun | sdk | 1.4.2_16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_15:*:*:*:*:*:*",
"matchCriteriaId": "7E7CD268-A083-43B5-80B7-B7837202CF29",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:*",
"matchCriteriaId": "94A87B01-2F20-4E1C-8572-395A96C35D79",
"versionEndIncluding": "6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "6BB00A29-FEBB-4139-9E96-691EC1410EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "DD8CC179-F76E-4CC2-9CBD-69CBBA5BD532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C2DC7389-9697-4EF0-9C4E-153731CDD75D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "C5F476C8-5466-4E6B-B73B-4ACFBB02AD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "D8C7C8C1-AA0D-4BD9-A8EC-85BBE627DE13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "BAF0844B-ECB1-4AF0-AA32-1B8789AC5042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "25322D24-C5D9-43A6-87CC-1BF7FA6A3E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "400FDCDE-16DE-4BD6-81E2-4A5DA12E99CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "82C49C78-ACE3-407D-AE21-EA180633C437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "5F91F8A2-D473-48DC-81DA-21291DE7B6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "3E46B3B4-9E1C-4C87-A4CD-C4CE7FBCA7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "0F69C703-8541-4AA8-A66A-0292E0FCB749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*",
"matchCriteriaId": "99E08AB2-49AD-42C6-967F-773F2C6E188A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "9459F130-A3DD-4A4E-9582-4FB82619EB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*",
"matchCriteriaId": "9C9F6EA8-6A88-4485-89A3-0FDF84AB51DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*",
"matchCriteriaId": "67E0818A-3675-4293-89FE-5001E36C0F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*",
"matchCriteriaId": "95112B98-B6B2-43FA-BF76-F518649CF3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*",
"matchCriteriaId": "3A18341A-3688-48E7-95AD-283EC9C95B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*",
"matchCriteriaId": "E301C59A-47F5-4861-9091-D0002CBA5B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D4DE93-903F-48E3-9009-EF6470F8E87C",
"versionEndIncluding": "1.4.2_17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update_15:*:*:*:*:*:*",
"matchCriteriaId": "DF9D8657-A633-45A1-AADE-30474E03C2FC",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update_6:*:*:*:*:*:*",
"matchCriteriaId": "2A1D1D91-B29F-4335-A7DA-FF988F626907",
"versionEndIncluding": "6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_01:*:*:*:*:*:*:*",
"matchCriteriaId": "27A472AF-049D-4D63-841C-1EF737E8D64D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_02:*:*:*:*:*:*:*",
"matchCriteriaId": "DB48B161-C239-4BB5-8667-7ACA5A5437F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_03:*:*:*:*:*:*:*",
"matchCriteriaId": "83629616-1814-4858-B09F-79BEA82D6F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_04:*:*:*:*:*:*:*",
"matchCriteriaId": "03E8F351-F900-436E-A726-55AE31FBF832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_05:*:*:*:*:*:*:*",
"matchCriteriaId": "F76B79C6-ADD0-4992-A4BD-423A0AD38714",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_06:*:*:*:*:*:*:*",
"matchCriteriaId": "FBFD41B5-6E33-4B00-81E8-9D91B0A03BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_07:*:*:*:*:*:*:*",
"matchCriteriaId": "685D3F7F-30B9-4EB8-90FC-66A2A067A510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "6C660DE4-543A-4E9B-825D-CD099D08CBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "318719C9-7B01-4021-B2EF-8341254DFE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2A2379FC-BC33-4C90-97DD-ED3723172008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "86A1256D-7A34-4FDD-9536-82FD6497A712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "3BB5E47A-8C17-4995-9EF8-01BFA0B702B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "9300FA38-C234-4BD8-ADB6-D2A29EBA81DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "C87F6EE3-F66B-4F15-89BA-26A4D3AD2556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "56F0F497-6586-408B-80AF-6BC2B9909397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D594E269-D722-45FC-B390-B0D38ADEC923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "3CAA89D6-651A-4B8C-A134-C3A2CB84002A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "B930EAFB-F2E6-4FCA-A21B-022656396A2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "4B20EB5F-D12A-4267-9887-C39A188EB9AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "52347FDC-9983-4A64-8031-B4A50DDC9BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "C95654B3-ACA0-4B0D-9F31-B9C5FB7B9C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*",
"matchCriteriaId": "8387A041-582A-4010-9C44-672090F41A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "D1F2D335-CDDF-4D2E-80CA-F1A0AF92501A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*",
"matchCriteriaId": "0F98D2BD-2AC1-4C4C-8A10-71093DCBC4E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*",
"matchCriteriaId": "CDC09958-5286-4C16-AB6F-63B4BDD902B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*",
"matchCriteriaId": "BDE1E9E9-85EF-4ACA-902B-00225EB4324F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*",
"matchCriteriaId": "E0CDBFCB-42EA-4F19-A98D-7696B0D526CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*",
"matchCriteriaId": "53DCFF2A-77A7-41DB-A712-9B6D1FD2574A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15D0F887-8AD6-42B1-8ED6-8E7135690270",
"versionEndIncluding": "1.4.2_17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*",
"matchCriteriaId": "AF4E34FD-D927-42BB-8A16-031D77CB4B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3D49A-BE20-47BF-A85F-122357BAB098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*",
"matchCriteriaId": "F45DB5D3-7F35-4531-9A82-24EB50034787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*",
"matchCriteriaId": "4695F707-12E8-4BA4-BBE1-C21CB7213A2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*",
"matchCriteriaId": "C918FB49-DA13-4326-BE86-6F6BEA4CE4E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*",
"matchCriteriaId": "5573CAD1-39D1-4ADB-BB95-EBB554B43B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*",
"matchCriteriaId": "DD02EBDF-6E51-4538-9EDD-B1DE914D09C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*",
"matchCriteriaId": "53C3C0E3-5F40-412B-A4AD-A7A291DE2A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "36888382-79C8-4C97-A654-C668CD68556F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "F34C99E6-F9F0-4EF3-8601-B47EAE3D7273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "A74DD08D-CEDB-460E-BED5-78F6CAF18BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F64FBC-DC97-4FE3-A235-18B87945AF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "85048406-9051-4E69-94A8-5C449F3B89E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C88DD7-0B46-4405-BD35-60D27E2DBA14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la M\u00e1quina Virtual de Sun Java Runtime Environment (JRE), JDK y JRE 6 antes de Update 7, JDK y JRE 5.0 antes de Update 16, y SDK y JRE 1.4.x antes de 1.4.2_18 permite a atacantes dependientes del contexto obtener privilegios mediante (1) una aplicaci\u00f3n o (2) un applet que no son de confianza, como se demostr\u00f3 con una aplicaci\u00f3n o un applet que se garantiza privilegios para (a) leer archivos locales, (b) escribir en archivos locales, o (c) ejecutar programas locales."
}
],
"id": "CVE-2008-3107",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-09T23:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31010"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31055"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31497"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31600"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32018"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32179"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32180"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/37386"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3178"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3179"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30141"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020455"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2008-3107
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2008-3107",
"description": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"id": "GSD-2008-3107",
"references": [
"https://www.suse.com/security/cve/CVE-2008-3107.html",
"https://access.redhat.com/errata/RHSA-2008:0636",
"https://access.redhat.com/errata/RHSA-2008:0595",
"https://access.redhat.com/errata/RHSA-2008:0594"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2008-3107"
],
"details": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"id": "GSD-2008-3107",
"modified": "2023-12-13T01:23:05.076613Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "238967",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"name": "sun-virtualmachine-unauth-access(43659)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "1020455",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020455"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "30141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30141"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "31055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "RHSA-2008:0594",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "oval:org.mitre.oval:def:10219",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:*:update_15:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:update_6:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.4.2_17",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.4.2_17",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:update_15:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3107"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "238967",
"refsource": "SUNALERT",
"tags": [],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
},
{
"name": "30141",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/30141"
},
{
"name": "31010",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31010"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31600",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "31055",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "RHSA-2008:0594",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31497",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "32018",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "32180",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/32180"
},
{
"name": "32179",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "1020455",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1020455"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "37386",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/37386"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "sun-virtualmachine-unauth-access(43659)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
},
{
"name": "oval:org.mitre.oval:def:10219",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-30T16:26Z",
"publishedDate": "2008-07-09T23:41Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…