Lucene search

[email protected]CVE-2008-1192

HistoryMar 06, 2008 - 9:44 p.m.

CVE-2008-1192

2008-03-0621:44:00

CWE-254

[email protected]

web.nvd.nist.gov

sun jdk

jre

vulnerability

bypass

same origin policy

remote attackers

6.1 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and “execute local applications” via unknown vectors.

CPENameOperatorVersion
sun:jdksun jdkeq1.6.0
sun:jdksun jdkeq1.5.0
sun:jresun jreeq1.6.0
sun:jresun jreeq1.4.2_7
sun:jresun jreeq1.4.2_16
sun:jresun jreeq1.3.1
sun:jresun jreeq1.3.1_10
sun:jresun jreeq1.3.1_06
sun:jresun jreeq1.4.2_4
sun:jresun jreeq1.4.2_2

CPE	Name	Operator	Version
sun:jdk	sun jdk	eq	1.6.0
sun:jdk	sun jdk	eq	1.5.0
sun:jre	sun jre	eq	1.6.0
sun:jre	sun jre	eq	1.4.2_7
sun:jre	sun jre	eq	1.4.2_16
sun:jre	sun jre	eq	1.3.1
sun:jre	sun jre	eq	1.3.1_10
sun:jre	sun jre	eq	1.3.1_06
sun:jre	sun jre	eq	1.4.2_4
sun:jre	sun jre	eq	1.4.2_2

Rows per page:

1-10 of 821

References

dev2dev.bea.com/pub/advisory/277

lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html

lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

secunia.com/advisories/29239

secunia.com/advisories/29273

secunia.com/advisories/29498

secunia.com/advisories/29582

secunia.com/advisories/29841

secunia.com/advisories/29858

secunia.com/advisories/29897

secunia.com/advisories/30676

secunia.com/advisories/30780

secunia.com/advisories/31497

secunia.com/advisories/32018

security.gentoo.org/glsa/glsa-200804-28.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-233324-1

support.apple.com/kb/HT3178

support.apple.com/kb/HT3179

www.gentoo.org/security/en/glsa/glsa-200804-20.xml

www.gentoo.org/security/en/glsa/glsa-200806-11.xml

www.redhat.com/support/errata/RHSA-2008-0186.html

www.redhat.com/support/errata/RHSA-2008-0210.html

www.redhat.com/support/errata/RHSA-2008-0267.html

www.securitytracker.com/id?1019550

www.us-cert.gov/cas/techalerts/TA08-066A.html

www.vmware.com/security/advisories/VMSA-2008-0010.html

www.vupen.com/english/advisories/2008/0770/references

www.vupen.com/english/advisories/2008/1252

www.vupen.com/english/advisories/2008/1856/references

exchange.xforce.ibmcloud.com/vulnerabilities/41031

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11813

6.1 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

Related for CVE-2008-1192

ubuntucve1 prion1 nessus17 redhat5 openvas19 suse2 vmware2 gentoo1