6.5 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.022 Low
EPSS
Percentile
89.1%
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or © execute local programs.
CPE | Name | Operator | Version |
---|---|---|---|
jdk | eq | 5.0 update-12 | |
jdk | eq | 5.0 update-3 | |
jdk | eq | 5.0 update-11 | |
jdk | eq | 5.0 update-8 | |
jdk | eq | 5.0 update-1 | |
jdk | eq | 6 update-1 | |
jdk | eq | 6 update-3 | |
jdk | eq | 5.0 update-5 | |
jdk | eq | 6 update-4 | |
jdk | eq | 5.0 update-6 |
lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
secunia.com/advisories/31010
secunia.com/advisories/31055
secunia.com/advisories/31497
secunia.com/advisories/31600
secunia.com/advisories/32018
secunia.com/advisories/32179
secunia.com/advisories/32180
secunia.com/advisories/37386
security.gentoo.org/glsa/glsa-200911-02.xml
sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1
support.apple.com/kb/HT3178
support.apple.com/kb/HT3179
www.redhat.com/support/errata/RHSA-2008-0594.html
www.redhat.com/support/errata/RHSA-2008-0595.html
www.securityfocus.com/archive/1/497041/100/0/threaded
www.securityfocus.com/bid/30141
www.securitytracker.com/id?1020455
www.us-cert.gov/cas/techalerts/TA08-193A.html
www.vmware.com/security/advisories/VMSA-2008-0016.html
www.vupen.com/english/advisories/2008/2056/references
www.vupen.com/english/advisories/2008/2740
exchange.xforce.ibmcloud.com/vulnerabilities/43659
marc.info/?l=bugtraq&m=122331139823057&w=2
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219