Lucene search

K

[email protected]CVE-2008-5356

HistoryDec 05, 2008 - 11:30 a.m.

CVE-2008-5356

2008-12-0511:30:00

CWE-119

[email protected]

web.nvd.nist.gov

45

cve

2008

5356

java

runtime environment

jre

sun

jdk

jre

update

buffer overflow

truetype font

nvd

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.432 Medium

EPSS

Percentile

97.3%

Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file.

CPENameOperatorVersion
sun:jdksun jdkeq5.0
sun:jresun jreeq6
sun:jresun jreeq1.4.2_7
sun:jresun jreeq1.4.2_16
sun:jresun jreeq5.0
sun:jresun jreeq1.4.2_4
sun:sdksun sdkeq1.4.2_10
sun:sdksun sdkeq1.4.2_12
sun:jresun jreeq1.4.2_2
sun:jdksun jdkeq6

Rows per page:

1-10 of 401

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=757

lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html

lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html

lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

marc.info/?l=bugtraq&m=123678756409861&w=2

marc.info/?l=bugtraq&m=126583436323697&w=2

osvdb.org/50516

rhn.redhat.com/errata/RHSA-2008-1018.html

rhn.redhat.com/errata/RHSA-2008-1025.html

secunia.com/advisories/32991

secunia.com/advisories/33015

secunia.com/advisories/33187

secunia.com/advisories/33710

secunia.com/advisories/34233

secunia.com/advisories/34259

secunia.com/advisories/34447

secunia.com/advisories/34605

secunia.com/advisories/34972

secunia.com/advisories/35065

secunia.com/advisories/37386

secunia.com/advisories/38539

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1

support.avaya.com/elmodocs2/security/ASA-2008-485.htm

support.avaya.com/elmodocs2/security/ASA-2009-012.htm

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=

www.redhat.com/support/errata/RHSA-2009-0016.html

www.redhat.com/support/errata/RHSA-2009-0369.html

www.securityfocus.com/bid/32608

www.us-cert.gov/cas/techalerts/TA08-340A.html

www.vupen.com/english/advisories/2008/3339

www.vupen.com/english/advisories/2009/0672

www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/47103

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6494

rhn.redhat.com/errata/RHSA-2009-0466.html

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.432 Medium

EPSS

Percentile

97.3%

Related for CVE-2008-5356

prion1 ubuntucve1 openvas36 nessus31 redhat5 fedora2 suse3 seebug1 vmware2 oracle1 gentoo1