Action not permitted
Modal body text goes here.
Modal Title
Modal Body
RHSA-2008_0638
Vulnerability from csaf_redhat - Published: 2008-08-13 14:19 - Updated: 2024-11-14 10:06Summary
Red Hat Security Advisory: Red Hat Network Satellite Server IBM Java Runtime security update
Severity
Low
Notes
Topic: Red Hat Network Satellite Server version 5.1.1 is now available. This
update includes fixes for a number of security issues in the Red Hat
Network Satellite Server IBM Java Runtime Environment for IBM S/390 and IBM
System z architectures.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details: This release corrects several security vulnerabilities in the IBM Java
Runtime Environment shipped as part of Red Hat Network Satellite Server 5.1
for IBM S/390 and IBM System z architectures. In a typical operating
environment, these are of low security risk as the runtime is not used on
untrusted applets.
Multiple flaws were fixed in the IBM Java 1.5.0 Runtime Environment.
(CVE-2008-0657, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190,
CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196,
CVE-2008-3104, CVE-2008-3106, CVE-2008-3108, CVE-2008-3111, CVE-2008-3112,
CVE-2008-3113, CVE-2008-3114)
Users of Red Hat Network Satellite Server 5.1 are advised to upgrade to
5.1.1, which resolves these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues."
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0638
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Network Satellite Server version 5.1.1 is now available. This\nupdate includes fixes for a number of security issues in the Red Hat\nNetwork Satellite Server IBM Java Runtime Environment for IBM S/390 and IBM\nSystem z architectures.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "This release corrects several security vulnerabilities in the IBM Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server 5.1\nfor IBM S/390 and IBM System z architectures. In a typical operating\nenvironment, these are of low security risk as the runtime is not used on\nuntrusted applets.\n\nMultiple flaws were fixed in the IBM Java 1.5.0 Runtime Environment.\n(CVE-2008-0657, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190,\nCVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196,\nCVE-2008-3104, CVE-2008-3106, CVE-2008-3108, CVE-2008-3111, CVE-2008-3112,\nCVE-2008-3113, CVE-2008-3114)\n\nUsers of Red Hat Network Satellite Server 5.1 are advised to upgrade to\n5.1.1, which resolves these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0638",
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "431861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431861"
},
{
"category": "external",
"summary": "436030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436030"
},
{
"category": "external",
"summary": "436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "436295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436295"
},
{
"category": "external",
"summary": "436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "436299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436299"
},
{
"category": "external",
"summary": "436302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436302"
},
{
"category": "external",
"summary": "452649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=452649"
},
{
"category": "external",
"summary": "454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "454604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454604"
},
{
"category": "external",
"summary": "454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0638.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Network Satellite Server IBM Java Runtime security update",
"tracking": {
"current_release_date": "2024-11-14T10:06:23+00:00",
"generator": {
"date": "2024-11-14T10:06:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2008:0638",
"initial_release_date": "2008-08-13T14:19:00+00:00",
"revision_history": [
{
"date": "2008-08-13T14:19:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-13T10:19:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:06:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product": {
"name": "Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.1::el4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x",
"product": {
"name": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x",
"product_id": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-ibm-devel@1.5.0.8-1jpp.1.el4?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"product": {
"name": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"product_id": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-ibm@1.5.0.8-1jpp.1.el4?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"product": {
"name": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"product_id": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-ibm-devel@1.5.0.8-1jpp.1.el4?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"product": {
"name": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"product_id": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-ibm@1.5.0.8-1jpp.1.el4?arch=s390\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390"
},
"product_reference": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x"
},
"product_reference": "java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390 as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390"
},
"product_reference": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"relates_to_product_reference": "4AS-RHNSAT5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x as a component of Red Hat Satellite 5.1 (RHEL v.4 AS)",
"product_id": "4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
},
"product_reference": "java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x",
"relates_to_product_reference": "4AS-RHNSAT5.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-0657",
"discovery_date": "2008-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431861"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "java-1.5.0 Privilege escalation via unstrusted applet and application",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0657"
},
{
"category": "external",
"summary": "RHBZ#431861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0657",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0657"
}
],
"release_date": "2008-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "java-1.5.0 Privilege escalation via unstrusted applet and application"
},
{
"cve": "CVE-2008-1187",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436030"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Untrusted applet and application XSLT processing privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1187"
},
{
"category": "external",
"summary": "RHBZ#436030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1187",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1187"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Untrusted applet and application XSLT processing privilege escalation"
},
{
"cve": "CVE-2008-1188",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka \"The first two issues.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1188"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1188"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1189",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the \"third\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1189"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1189"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1190",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the \"fourth\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1190"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1190",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1190"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1192",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436295"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and \"execute local applications\" via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Plugin same-origin-policy bypass",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1192"
},
{
"category": "external",
"summary": "RHBZ#436295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1192"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Plugin same-origin-policy bypass"
},
{
"cve": "CVE-2008-1193",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436296"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE image parsing library allows privilege escalation (CVE-2008-1194)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1193"
},
{
"category": "external",
"summary": "RHBZ#436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1193",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1193"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JRE image parsing library allows privilege escalation (CVE-2008-1194)"
},
{
"cve": "CVE-2008-1194",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436296"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE image parsing library allows privilege escalation (CVE-2008-1194)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1194"
},
{
"category": "external",
"summary": "RHBZ#436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1194"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1194",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1194"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JRE image parsing library allows privilege escalation (CVE-2008-1194)"
},
{
"cve": "CVE-2008-1195",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436299"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java-API calls in untrusted Javascript allow network privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1195"
},
{
"category": "external",
"summary": "RHBZ#436299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1195"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java-API calls in untrusted Javascript allow network privilege escalation"
},
{
"cve": "CVE-2008-1196",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436302"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1196"
},
{
"category": "external",
"summary": "RHBZ#436302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436302"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1196"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start"
},
{
"cve": "CVE-2008-3104",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454601"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java RE allows Same Origin Policy to be Bypassed (6687932)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3104"
},
{
"category": "external",
"summary": "RHBZ#454601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3104"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java RE allows Same Origin Policy to be Bypassed (6687932)"
},
{
"cve": "CVE-2008-3106",
"discovery_date": "2008-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618330"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3106"
},
{
"category": "external",
"summary": "RHBZ#1618330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3106",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3106"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-3108",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454604"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Security Vulnerability with JRE fonts processing may allow Elevation of Privileges (6450319)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3108"
},
{
"category": "external",
"summary": "RHBZ#454604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454604"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3108"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3108",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3108"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Security Vulnerability with JRE fonts processing may allow Elevation of Privileges (6450319)"
},
{
"cve": "CVE-2008-3111",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454605"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start Buffer overflow vulnerabilities (6557220)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3111"
},
{
"category": "external",
"summary": "RHBZ#454605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3111"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start Buffer overflow vulnerabilities (6557220)"
},
{
"cve": "CVE-2008-3112",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454606"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, arbitrary file creation (6703909)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3112"
},
{
"category": "external",
"summary": "RHBZ#454606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3112"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start, arbitrary file creation (6703909)"
},
{
"cve": "CVE-2008-3113",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454607"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3113"
},
{
"category": "external",
"summary": "RHBZ#454607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3113"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start arbitrary file creation/deletion file with user permissions (6704077)"
},
{
"cve": "CVE-2008-3114",
"discovery_date": "2008-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "454608"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start, untrusted application may determine Cache Location (6704074)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3114"
},
{
"category": "external",
"summary": "RHBZ#454608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454608"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3114"
}
],
"release_date": "2008-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-13T14:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-1:1.5.0.8-1jpp.1.el4.s390x",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390",
"4AS-RHNSAT5.1:java-1.5.0-ibm-devel-1:1.5.0.8-1jpp.1.el4.s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0638"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start, untrusted application may determine Cache Location (6704074)"
}
]
}
CVE-2008-1193 (GCVE-0-2008-1193)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29841"
},
{
"name": "sun-jre-imagelibrary-privilege-escalation(41028)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41028"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019551",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019551"
},
{
"name": "233325",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233325-1"
},
{
"name": "RHSA-2008:0245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA",
"x_transferred"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "28125",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28125"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30003"
},
{
"name": "oval:org.mitre.oval:def:11409",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11409"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29841"
},
{
"name": "sun-jre-imagelibrary-privilege-escalation(41028)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41028"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019551",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019551"
},
{
"name": "233325",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233325-1"
},
{
"name": "RHSA-2008:0245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "28125",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28125"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30003"
},
{
"name": "oval:org.mitre.oval:def:11409",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11409"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1193",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29841"
},
{
"name": "sun-jre-imagelibrary-privilege-escalation(41028)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41028"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019551"
},
{
"name": "233325",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233325-1"
},
{
"name": "RHSA-2008:0245",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "28125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28125"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30003"
},
{
"name": "oval:org.mitre.oval:def:11409",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11409"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1193",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1196 (GCVE-0-2008-1196)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "VU#223028",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/223028"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "31586",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31586"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=q5exhSqeBjA~"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "sun-java-webstart-javaws-bo(41026)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41026"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "oval:org.mitre.oval:def:10412",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10412"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233327",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233327-1"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "31067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31067"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "1019552",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019552"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0555",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0555.html"
},
{
"name": "31580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31580"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "VU#223028",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/223028"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "31586",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31586"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=q5exhSqeBjA~"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "sun-java-webstart-javaws-bo(41026)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41026"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "oval:org.mitre.oval:def:10412",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10412"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233327",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233327-1"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "31067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31067"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "1019552",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019552"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0555",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0555.html"
},
{
"name": "31580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31580"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "VU#223028",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/223028"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "31586",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31586"
},
{
"name": "http://download.novell.com/Download?buildid=q5exhSqeBjA~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=q5exhSqeBjA~"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "sun-java-webstart-javaws-bo(41026)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41026"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "oval:org.mitre.oval:def:10412",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10412"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233327",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233327-1"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "31067",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31067"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "1019552",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019552"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0555",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0555.html"
},
{
"name": "31580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31580"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1196",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0657 (GCVE-0-2008-0657)
Vulnerability from cvelistv5 – Published: 2008-02-07 20:00 – Updated: 2024-08-07 07:54
VLAI?
EPSS
Summary
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-02-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:23.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29841"
},
{
"name": "oval:org.mitre.oval:def:11505",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11505"
},
{
"name": "27650",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27650"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA",
"x_transferred"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "ADV-2008-0429",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0429"
},
{
"name": "231261",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1"
},
{
"name": "1019308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019308"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "28795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28795"
},
{
"name": "RHSA-2008:0156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0156.html"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "28888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28888"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "29214",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29214"
},
{
"name": "RHSA-2008:0123",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0123.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29841"
},
{
"name": "oval:org.mitre.oval:def:11505",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11505"
},
{
"name": "27650",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27650"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "ADV-2008-0429",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0429"
},
{
"name": "231261",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1"
},
{
"name": "1019308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019308"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "28795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28795"
},
{
"name": "RHSA-2008:0156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0156.html"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "28888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28888"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "29214",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29214"
},
{
"name": "RHSA-2008:0123",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0123.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29841"
},
{
"name": "oval:org.mitre.oval:def:11505",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11505"
},
{
"name": "27650",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27650"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "ADV-2008-0429",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0429"
},
{
"name": "231261",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1"
},
{
"name": "1019308",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019308"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "ADV-2008-1252",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "28795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28795"
},
{
"name": "RHSA-2008:0156",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0156.html"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "28888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28888"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "29214",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29214"
},
{
"name": "RHSA-2008:0123",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0123.html"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0657",
"datePublished": "2008-02-07T20:00:00.000Z",
"dateReserved": "2008-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:23.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1195 (GCVE-0-2008-1195)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080327 rPSA-2008-0128-1 firefox",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
},
{
"name": "29541",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29541"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "30620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30620"
},
{
"name": "29560",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29560"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "233326",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233326-1"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "238492",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "USN-592-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-592-1"
},
{
"name": "oval:org.mitre.oval:def:9486",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9486"
},
{
"name": "sun-jre-javascript-unauthorized-access(41030)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41030"
},
{
"name": "29645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29645"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "ADV-2008-1793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1793/references"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "29526",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29526"
},
{
"name": "SUSE-SA:2008:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-18.html"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "TA08-087A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "29547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29547"
},
{
"name": "1019553",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019553"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "ADV-2008-0998",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0998/references"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
},
{
"name": "MDVSA-2008:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080327 rPSA-2008-0128-1 firefox",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
},
{
"name": "29541",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29541"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "30620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30620"
},
{
"name": "29560",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29560"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "233326",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233326-1"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "238492",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "USN-592-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-592-1"
},
{
"name": "oval:org.mitre.oval:def:9486",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9486"
},
{
"name": "sun-jre-javascript-unauthorized-access(41030)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41030"
},
{
"name": "29645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29645"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "ADV-2008-1793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1793/references"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "29526",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29526"
},
{
"name": "SUSE-SA:2008:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-18.html"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "TA08-087A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "29547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29547"
},
{
"name": "1019553",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019553"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "ADV-2008-0998",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0998/references"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
},
{
"name": "MDVSA-2008:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080327 rPSA-2008-0128-1 firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
},
{
"name": "29541",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29541"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "30620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30620"
},
{
"name": "29560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29560"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "233326",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233326-1"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "238492",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "USN-592-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-592-1"
},
{
"name": "oval:org.mitre.oval:def:9486",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9486"
},
{
"name": "sun-jre-javascript-unauthorized-access(41030)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41030"
},
{
"name": "29645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29645"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "ADV-2008-1793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1793/references"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "29526",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29526"
},
{
"name": "SUSE-SA:2008:019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-18.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-18.html"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "TA08-087A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "29547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29547"
},
{
"name": "1019553",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019553"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "ADV-2008-0998",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0998/references"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
},
{
"name": "MDVSA-2008:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1195",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1194 (GCVE-0-2008-1194)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019551",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019551"
},
{
"name": "233325",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233325-1"
},
{
"name": "RHSA-2008:0245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA",
"x_transferred"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "sun-jre-jdk-colorlibrary-dos(41132)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41132"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30003"
},
{
"name": "oval:org.mitre.oval:def:9542",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9542"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019551",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019551"
},
{
"name": "233325",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233325-1"
},
{
"name": "RHSA-2008:0245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "sun-jre-jdk-colorlibrary-dos(41132)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41132"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30003"
},
{
"name": "oval:org.mitre.oval:def:9542",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9542"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019551"
},
{
"name": "233325",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233325-1"
},
{
"name": "RHSA-2008:0245",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "sun-jre-jdk-colorlibrary-dos(41132)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41132"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30003"
},
{
"name": "oval:org.mitre.oval:def:9542",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9542"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1194",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1189 (GCVE-0-2008-1189)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019549"
},
{
"name": "javawebstart-unspecified-bo(41135)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41135"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "javawebstart-multiple-unspecified-bo(41133)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41133"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:9582",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9582"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the \"third\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019549"
},
{
"name": "javawebstart-unspecified-bo(41135)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41135"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "javawebstart-multiple-unspecified-bo(41133)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41133"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:9582",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9582"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the \"third\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019549"
},
{
"name": "javawebstart-unspecified-bo(41135)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41135"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "javawebstart-multiple-unspecified-bo(41133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41133"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "oval:org.mitre.oval:def:9582",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9582"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1189",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3106 (GCVE-0-2008-3106)
Vulnerability from cvelistv5 – Published: 2008-07-09 23:00 – Updated: 2024-08-07 09:28
VLAI?
EPSS
Summary
Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-07-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:40.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2008:1044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10866",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866"
},
{
"name": "32436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32436"
},
{
"name": "1020457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020457"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=756717"
},
{
"name": "33237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "30143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30143"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=751014"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm"
},
{
"name": "238628",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1"
},
{
"name": "RHSA-2008:1045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1045.html"
},
{
"name": "33238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33238"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "sun-jre-xml-unauth-access(43658)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43658"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2008:1044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10866",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866"
},
{
"name": "32436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32436"
},
{
"name": "1020457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020457"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=756717"
},
{
"name": "33237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "30143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30143"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=751014"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm"
},
{
"name": "238628",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1"
},
{
"name": "RHSA-2008:1045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1045.html"
},
{
"name": "33238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33238"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "sun-jre-xml-unauth-access(43658)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43658"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2008:1044",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10866",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866"
},
{
"name": "32436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32436"
},
{
"name": "1020457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020457"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html"
},
{
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=756717",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=756717"
},
{
"name": "33237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31736"
},
{
"name": "30143",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30143"
},
{
"name": "RHSA-2008:0594",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=751014",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=751014"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm"
},
{
"name": "238628",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1"
},
{
"name": "RHSA-2008:1045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1045.html"
},
{
"name": "33238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33238"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "sun-jre-xml-unauth-access(43658)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43658"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3106",
"datePublished": "2008-07-09T23:00:00.000Z",
"dateReserved": "2008-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:40.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3114 (GCVE-0-2008-3114)
Vulnerability from cvelistv5 – Published: 2008-07-09 23:00 – Updated: 2024-08-07 09:28
VLAI?
EPSS
Summary
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-07-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32826"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "SUSE-SR:2008:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "sun-javawebstart-cache-info-disclosure(43668)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43668"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:9755",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32826"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "SUSE-SR:2008:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "sun-javawebstart-cache-info-disclosure(43668)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43668"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:9755",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32826"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "RHSA-2008:0594",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "SUSE-SR:2008:028",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "sun-javawebstart-cache-info-disclosure(43668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43668"
},
{
"name": "SUSE-SA:2008:045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:9755",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3114",
"datePublished": "2008-07-09T23:00:00.000Z",
"dateReserved": "2008-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1192 (GCVE-0-2008-1192)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "233324",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233324-1"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29841"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "oval:org.mitre.oval:def:11813",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11813"
},
{
"name": "java-plugin-unspecified-security-bypass(41031)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41031"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA",
"x_transferred"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1019550",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019550"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and \"execute local applications\" via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "233324",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233324-1"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29841"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "oval:org.mitre.oval:def:11813",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11813"
},
{
"name": "java-plugin-unspecified-security-bypass(41031)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41031"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1019550",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019550"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and \"execute local applications\" via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "233324",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233324-1"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29841"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "oval:org.mitre.oval:def:11813",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11813"
},
{
"name": "java-plugin-unspecified-security-bypass(41031)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41031"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "BEA08-201.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "1019550",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019550"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1192",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3113 (GCVE-0-2008-3113)
Vulnerability from cvelistv5 – Published: 2008-07-09 23:00 – Updated: 2024-08-07 09:28
VLAI?
EPSS
Summary
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-07-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32826"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "sun-javawebstart-file-manipulation(43667)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43667"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "SUSE-SR:2008:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:10454",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10454"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32826"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "sun-javawebstart-file-manipulation(43667)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43667"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "SUSE-SR:2008:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:10454",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10454"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32826"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "sun-javawebstart-file-manipulation(43667)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43667"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "SUSE-SR:2008:028",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:10454",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10454"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3113",
"datePublished": "2008-07-09T23:00:00.000Z",
"dateReserved": "2008-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3111 (GCVE-0-2008-3111)
Vulnerability from cvelistv5 – Published: 2008-07-09 23:00 – Updated: 2024-08-07 09:28
VLAI?
EPSS
Summary
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-07-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:40.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "sun-javawebstart-unspecified-bo(43664)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43664"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "oval:org.mitre.oval:def:10541",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10541"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-043/"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "20080717 ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/494505/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "sun-javawebstart-unspecified-bo(43664)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43664"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "oval:org.mitre.oval:def:10541",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10541"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-043/"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "20080717 ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/494505/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "sun-javawebstart-unspecified-bo(43664)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43664"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31736"
},
{
"name": "oval:org.mitre.oval:def:10541",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10541"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-043/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-043/"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "20080717 ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/494505/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3111",
"datePublished": "2008-07-09T23:00:00.000Z",
"dateReserved": "2008-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:40.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1188 (GCVE-0-2008-1188)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.778Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019549"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-009/"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-010/"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "javawebstart-multiple-unspecified-bo(41133)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41133"
},
{
"name": "oval:org.mitre.oval:def:11209",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11209"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka \"The first two issues.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019549"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-009/"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-010/"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "javawebstart-multiple-unspecified-bo(41133)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41133"
},
{
"name": "oval:org.mitre.oval:def:11209",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11209"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka \"The first two issues.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019549"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-009/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-009/"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-010/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-010/"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "javawebstart-multiple-unspecified-bo(41133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41133"
},
{
"name": "oval:org.mitre.oval:def:11209",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11209"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1188",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3108 (GCVE-0-2008-3108)
Vulnerability from cvelistv5 – Published: 2008-07-09 23:00 – Updated: 2024-08-07 09:28
VLAI?
EPSS
Summary
Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-07-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:40.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2008:1044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "RHSA-2008:1043",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1043.html"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=756717"
},
{
"name": "33237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "30147",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30147"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "33236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33236"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020461",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020461"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=751014"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "sun-jre-font-bo(43656)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43656"
},
{
"name": "238666",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2008:1044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "RHSA-2008:1043",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1043.html"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=756717"
},
{
"name": "33237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "30147",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30147"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "33236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33236"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020461",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020461"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=751014"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "sun-jre-font-bo(43656)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43656"
},
{
"name": "238666",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2008:1044",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "RHSA-2008:1043",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1043.html"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=756717",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=756717"
},
{
"name": "33237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "30147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30147"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31736"
},
{
"name": "33236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33236"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020461",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020461"
},
{
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=751014",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=751014"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "sun-jre-font-bo(43656)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43656"
},
{
"name": "238666",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm"
},
{
"name": "SUSE-SA:2008:045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3108",
"datePublished": "2008-07-09T23:00:00.000Z",
"dateReserved": "2008-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:40.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3104 (GCVE-0-2008-3104)
Vulnerability from cvelistv5 – Published: 2008-07-09 23:00 – Updated: 2024-08-07 09:28
VLAI?
EPSS
Summary
Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-07-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sun-jre-unspecified-security-bypass(43662)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43662"
},
{
"name": "RHSA-2008:1044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32826"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "1020459",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020459"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "RHSA-2008:1043",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1043.html"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "238968",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1"
},
{
"name": "33194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "33237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "30140",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30140"
},
{
"name": "33236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33236"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31269"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm"
},
{
"name": "RHSA-2008:1045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1045.html"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "33238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33238"
},
{
"name": "SUSE-SR:2008:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:9565",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9565"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sun-jre-unspecified-security-bypass(43662)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43662"
},
{
"name": "RHSA-2008:1044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32826"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "1020459",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020459"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "RHSA-2008:1043",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1043.html"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "238968",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1"
},
{
"name": "33194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "33237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "30140",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30140"
},
{
"name": "33236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33236"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31269"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm"
},
{
"name": "RHSA-2008:1045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1045.html"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "33238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33238"
},
{
"name": "SUSE-SR:2008:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:9565",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9565"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet\u0027s outbound connections by connecting to localhost services running on the machine that loaded the applet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sun-jre-unspecified-security-bypass(43662)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43662"
},
{
"name": "RHSA-2008:1044",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32826"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "1020459",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020459"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "RHSA-2008:1043",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1043.html"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "238968",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1"
},
{
"name": "33194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "33237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33237"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "31055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name": "30140",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30140"
},
{
"name": "33236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33236"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "RHSA-2008:0594",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "31269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31269"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm"
},
{
"name": "RHSA-2008:1045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1045.html"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "33238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33238"
},
{
"name": "SUSE-SR:2008:028",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:9565",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9565"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3104",
"datePublished": "2008-07-09T23:00:00.000Z",
"dateReserved": "2008-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3112 (GCVE-0-2008-3112)
Vulnerability from cvelistv5 – Published: 2008-07-09 23:00 – Updated: 2024-08-07 09:28
VLAI?
EPSS
Summary
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-07-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32826"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-042/"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "sun-javawebstart-file-create(43666)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43666"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "oval:org.mitre.oval:def:11102",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11102"
},
{
"name": "SUSE-SR:2008:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32826"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"name": "31600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-042/"
},
{
"name": "ADV-2008-2056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "RHSA-2008:0594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "sun-javawebstart-file-create(43666)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43666"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "oval:org.mitre.oval:def:11102",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11102"
},
{
"name": "SUSE-SR:2008:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32436"
},
{
"name": "32826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32826"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
},
{
"name": "31600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31600"
},
{
"name": "SUSE-SA:2008:042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "33194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33194"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "31320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31320"
},
{
"name": "SUSE-SA:2008:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-042/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-042/"
},
{
"name": "ADV-2008-2056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2056/references"
},
{
"name": "238905",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
},
{
"name": "31055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31055"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "31736",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31736"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "1020452",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020452"
},
{
"name": "30148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30148"
},
{
"name": "RHSA-2008:0594",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
},
{
"name": "sun-javawebstart-file-create(43666)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43666"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "RHSA-2008:0955",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
},
{
"name": "oval:org.mitre.oval:def:11102",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11102"
},
{
"name": "SUSE-SR:2008:028",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "SUSE-SA:2008:045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
},
{
"name": "RHSA-2008:0790",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
},
{
"name": "RHSA-2008:0906",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
},
{
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3112",
"datePublished": "2008-07-09T23:00:00.000Z",
"dateReserved": "2008-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1187 (GCVE-0-2008-1187)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29999",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29999"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29841"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "RHSA-2008:0245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "RHSA-2008:0243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0243.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "31586",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31586"
},
{
"name": "java-virtualmachine-multiple-priv-escalation(41025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=q5exhSqeBjA~"
},
{
"name": "JVNDB-2008-000016",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "JVN#04032535",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN04032535/index.html"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA",
"x_transferred"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "1019548",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019548"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "31067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31067"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30003"
},
{
"name": "233322",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0555",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0555.html"
},
{
"name": "31580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31580"
},
{
"name": "oval:org.mitre.oval:def:10278",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29999",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29999"
},
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29841"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "RHSA-2008:0245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "RHSA-2008:0243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0243.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "31586",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31586"
},
{
"name": "java-virtualmachine-multiple-priv-escalation(41025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=q5exhSqeBjA~"
},
{
"name": "JVNDB-2008-000016",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "JVN#04032535",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN04032535/index.html"
},
{
"name": "BEA08-201.00",
"tags": [
"vendor-advisory",
"x_refsource_BEA"
],
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "1019548",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019548"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "31067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31067"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30003"
},
{
"name": "233322",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0555",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0555.html"
},
{
"name": "31580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31580"
},
{
"name": "oval:org.mitre.oval:def:10278",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29999",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29999"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29841"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "RHSA-2008:0245",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html"
},
{
"name": "RHSA-2008:0243",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0243.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "31586",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31586"
},
{
"name": "java-virtualmachine-multiple-priv-escalation(41025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"name": "http://download.novell.com/Download?buildid=q5exhSqeBjA~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=q5exhSqeBjA~"
},
{
"name": "JVNDB-2008-000016",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "JVN#04032535",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN04032535/index.html"
},
{
"name": "BEA08-201.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/277"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-1252",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1252"
},
{
"name": "1019548",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019548"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "31067",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31067"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "RHSA-2008:0244",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "30003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30003"
},
{
"name": "233322",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0555",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0555.html"
},
{
"name": "31580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31580"
},
{
"name": "oval:org.mitre.oval:def:10278",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1187",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1190 (GCVE-0-2008-1190)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019549"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "oval:org.mitre.oval:def:9914",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9914"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the \"fourth\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019549"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "oval:org.mitre.oval:def:9914",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9914"
},
{
"name": "31497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the \"fourth\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "RHSA-2008:0267",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "1019549",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019549"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "javawebstart-application-priv-escalation(41029)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029"
},
{
"name": "29897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29897"
},
{
"name": "29498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29498"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "SUSE-SA:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "oval:org.mitre.oval:def:9914",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9914"
},
{
"name": "31497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31497"
},
{
"name": "233323",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1"
},
{
"name": "RHSA-2008:0210",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1190",
"datePublished": "2008-03-06T21:00:00.000Z",
"dateReserved": "2008-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:08:57.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…