Lucene search

[email protected]CVE-2008-1187

HistoryMar 06, 2008 - 9:44 p.m.

CVE-2008-1187

2008-03-0621:44:00

NVD-CWE-noinfo

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-1187

sun java

jre

jdk

denial of service

remote attack

arbitrary code execution

xslt transform

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.5%

JSON

Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.

CPENameOperatorVersion
sun:jdksun jdkeq5.0
sun:jresun jreeq6
sun:sdksun sdkeq1.4.2
sun:jresun jreeq5.0
sun:sdksun sdkle1.4.2_16
sun:jresun jreeq1.4.2_01
sun:sdksun sdkeq1.4.2_10
sun:sdksun sdkeq1.4.2_12
sun:jresun jreeq1.4.2_03
sun:sdksun sdkeq1.4.2_14

CPE	Name	Operator	Version
sun:jdk	sun jdk	eq	5.0
sun:jre	sun jre	eq	6
sun:sdk	sun sdk	eq	1.4.2
sun:jre	sun jre	eq	5.0
sun:sdk	sun sdk	le	1.4.2_16
sun:jre	sun jre	eq	1.4.2_01
sun:sdk	sun sdk	eq	1.4.2_10
sun:sdk	sun sdk	eq	1.4.2_12
sun:jre	sun jre	eq	1.4.2_03
sun:sdk	sun sdk	eq	1.4.2_14

Rows per page:

1-10 of 351

References

dev2dev.bea.com/pub/advisory/277

download.novell.com/Download?buildid=q5exhSqeBjA~

jvn.jp/en/jp/JVN04032535/index.html

jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html

lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html

lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

secunia.com/advisories/29239

secunia.com/advisories/29273

secunia.com/advisories/29498

secunia.com/advisories/29582

secunia.com/advisories/29841

secunia.com/advisories/29858

secunia.com/advisories/29897

secunia.com/advisories/29999

secunia.com/advisories/30003

secunia.com/advisories/30676

secunia.com/advisories/30780

secunia.com/advisories/31067

secunia.com/advisories/31497

secunia.com/advisories/31580

secunia.com/advisories/31586

secunia.com/advisories/32018

security.gentoo.org/glsa/glsa-200804-28.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1

support.apple.com/kb/HT3178

support.apple.com/kb/HT3179

support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html

www.gentoo.org/security/en/glsa/glsa-200804-20.xml

www.gentoo.org/security/en/glsa/glsa-200806-11.xml

www.redhat.com/support/errata/RHSA-2008-0186.html

www.redhat.com/support/errata/RHSA-2008-0210.html

www.redhat.com/support/errata/RHSA-2008-0243.html

www.redhat.com/support/errata/RHSA-2008-0244.html

www.redhat.com/support/errata/RHSA-2008-0245.html

www.redhat.com/support/errata/RHSA-2008-0267.html

www.redhat.com/support/errata/RHSA-2008-0555.html

www.securitytracker.com/id?1019548

www.us-cert.gov/cas/techalerts/TA08-066A.html

www.vmware.com/security/advisories/VMSA-2008-0010.html

www.vupen.com/english/advisories/2008/0770/references

www.vupen.com/english/advisories/2008/1252

www.vupen.com/english/advisories/2008/1856/references

exchange.xforce.ibmcloud.com/vulnerabilities/41025

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2008-1187

nessus22 redhat8 prion1 ubuntucve1 openvas26 suse2 f52 vmware2 gentoo1