Lucene search

[email protected]CVE-2008-5358

HistoryDec 05, 2008 - 11:30 a.m.

CVE-2008-5358

2008-12-0511:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-5358

java

jre

memory corruption

gif

remote code execution

nvd

8.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.224 Low

EPSS

Percentile

96.4%

JSON

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll.

CPENameOperatorVersion
sun:jresun jreeq6
sun:jdksun jdkeq6

CPE	Name	Operator	Version
sun:jre	sun jre	eq	6
sun:jdk	sun jdk	eq	6

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=758

lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html

marc.info/?l=bugtraq&m=123678756409861&w=2

marc.info/?l=bugtraq&m=126583436323697&w=2

osvdb.org/50515

rhn.redhat.com/errata/RHSA-2008-1018.html

secunia.com/advisories/32991

secunia.com/advisories/33015

secunia.com/advisories/33187

secunia.com/advisories/33709

secunia.com/advisories/34233

secunia.com/advisories/34259

secunia.com/advisories/34447

secunia.com/advisories/34605

secunia.com/advisories/37386

secunia.com/advisories/38539

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1

support.avaya.com/elmodocs2/security/ASA-2008-485.htm

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=

www.redhat.com/support/errata/RHSA-2009-0369.html

www.securityfocus.com/bid/32608

www.us-cert.gov/cas/techalerts/TA08-340A.html

www.vupen.com/english/advisories/2008/3339

www.vupen.com/english/advisories/2009/0672

www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/47049

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6319

8.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.224 Low

EPSS

Percentile

96.4%

JSON

Related for CVE-2008-5358

prion1 ubuntucve1 openvas25 nessus22 redhat2 securityvulns2 ubuntu1 fedora2 suse2 seebug1 vmware2 oracle1 gentoo1 ibm1