Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-5356
HistoryDec 05, 2008 - 12:00 a.m.

CVE-2008-5356

2008-12-0500:00:00
ubuntu.com
ubuntu.com
8

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.432 Medium

EPSS

Percentile

97.3%

JSON

Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK
and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and
SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute
arbitrary code via a crafted TrueType font file.

Notes

Author Note
kees http://sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1 6751322 vulnerable source not included in the open source JDK
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchsun-java5< 1.5.0-22-0ubuntu0.8.04UNKNOWN
ubuntu8.10noarchsun-java5< 1.5.0-19-0ubuntu0.8.10UNKNOWN
ubuntu9.04noarchsun-java5< 1.5.0-19-0ubuntu0.9.04UNKNOWN
ubuntu8.04noarchsun-java6< 6-17-0ubuntu1.8.04UNKNOWN
ubuntu8.10noarchsun-java6< 6-14-0ubuntu1.8.10UNKNOWN
ubuntu9.04noarchsun-java6< 6-16-0ubuntu1.9.04UNKNOWN
ubuntu9.10noarchsun-java6< 6-15-1UNKNOWN

Related

prion 1
cve 1
openvas 36
nessus 31
redhat 5
fedora 2
suse 3
seebug 1
vmware 2
oracle 1
gentoo 1
prion
prion
Heap overflow
2008-12-05 11:30:00
cve
cve
CVE-2008-5356
2008-12-05 11:30:00
openvas
openvas
SLES11: Security update for IBM Java 1.6.0
2009-10-11 00:00:00
SLES11: Security update for IBM Java 1.6.0
2009-10-11 00:00:00
RedHat Security Advisory RHSA-2009:0369
2009-03-31 00:00:00
nessus
nessus
SuSE 11 Security Update : IBM Java 1.6.0 (SAT Patch Number 736)
2009-09-24 00:00:00
RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2009:0369)
2009-08-24 00:00:00
Fedora 10 : java-1.6.0-openjdk-1.6.0.0-7.b12.fc10 (2008-10913)
2009-04-23 00:00:00
redhat
redhat
(RHSA-2009:0369) Critical: java-1.6.0-ibm security update
2009-03-25 00:00:00
(RHSA-2009:0466) Low: java-1.5.0-ibm security update
2009-05-07 00:00:00
(RHSA-2009:0016) Critical: java-1.5.0-ibm security update
2009-01-13 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: java-1.6.0-openjdk-1.6.0.0-0.20.b09.fc9
2008-12-07 04:27:51
[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-7.b12.fc10
2008-12-07 04:33:22
suse
suse
remote code execution in IBM Java 1.4.2 and 6
2009-04-07 14:51:07
local privilege escalation in IBMJava5-JRE,java-1_5_0-ibm
2009-01-29 14:08:00
remote code execution in Sun Java
2009-01-09 15:49:38
seebug
seebug
Sun Java JDK/JRE安全更新修复多个漏洞
2008-12-09 00:00:00
vmware
vmware
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
oracle
oracle
cpuapr2009.html
2009-04-14 00:00:00
gentoo
gentoo
Sun JDK/JRE: Multiple vulnerabilities
2009-11-17 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.432 Medium

EPSS

Percentile

97.3%

JSON
Related for UB:CVE-2008-5356
prion1cve1openvas36nessus31redhat5fedora2suse3seebug1vmware2oracle1gentoo1