Design/Logic Flaw

🗓️ 05 Dec 2008 11:30:00Reported by PRIOn knowledge baseType

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms

Reporter	Title	Published	Views	Family All 112
Chainguard	CVE-2008-5351 vulnerabilities	5 Jun 202619:18	–	cgr
CVE	CVE-2008-5351	5 Dec 200811:00	–	cve
Cvelist	CVE-2008-5351	5 Dec 200811:00	–	cvelist
EUVD	EUVD-2008-5328	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-7.b12.fc10	7 Dec 200804:33	–	fedora
Fedora	[SECURITY] Fedora 9 Update: java-1.6.0-openjdk-1.6.0.0-0.20.b09.fc9	7 Dec 200804:27	–	fedora
Tenable Nessus	Fedora 9 : java-1.6.0-openjdk-1.6.0.0-0.20.b09.fc9 (2008-10860)	8 Dec 200800:00	–	nessus
Tenable Nessus	Fedora 10 : java-1.6.0-openjdk-1.6.0.0-7.b12.fc10 (2008-10913)	23 Apr 200900:00	–	nessus
Tenable Nessus	GLSA-200911-02 : Sun JDK/JRE: Multiple vulnerabilities	18 Nov 200900:00	–	nessus
Tenable Nessus	HP-UX PHSS_40374 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 25	14 Dec 200900:00	–	nessus

Source	Link
sunsolve	www.sunsolve.sun.com/search/document.do
secunia	www.secunia.com/advisories/32991
rhn	www.rhn.redhat.com/errata/RHSA-2008-1025.html
secunia	www.secunia.com/advisories/33015
rhn	www.rhn.redhat.com/errata/RHSA-2008-1018.html
securityfocus	www.securityfocus.com/bid/32608
lists	www.lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html
secunia	www.secunia.com/advisories/33710
us-cert	www.us-cert.gov/cas/techalerts/TA08-340A.html
secunia	www.secunia.com/advisories/33709

29 Sep 2017 01:32Current

6.2Medium risk

Vulners AI Score6.2

EPSS0.03276