NA
CVSSv3

CVE-2008-5348

CVSSv4: NA | CVSSv3: NA | CVSSv2: 7.1 | VMScore: 810 | EPSS: 0.04941 | KEV: Not Included
Published: 05/12/2008 Updated: 21/11/2024

Vulnerability Summary

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and previous versions; JDK and JRE 5.0 Update 16 and previous versions; and SDK and JRE 1.4.2_18 and previous versions, when using Kerberos authentication, allows remote malicious users to cause a denial of service (OS resource consumption) via unknown vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

sun jdk

sun jdk 5.0

sun jdk 6

sun jre

sun jre 1.4.2 1

sun jre 1.4.2 2

sun jre 1.4.2 3

sun jre 1.4.2 4

sun jre 1.4.2 5

sun jre 1.4.2 6

sun jre 1.4.2 7

sun jre 1.4.2 8

sun jre 1.4.2 9

sun jre 1.4.2 10

sun jre 1.4.2 11

sun jre 1.4.2 12

sun jre 1.4.2 13

sun jre 1.4.2 14

sun jre 1.4.2 15

sun jre 1.4.2 16

sun jre 1.4.2 17

sun jre 5.0

sun jre 6

sun sdk

sun sdk 1.4.2 1

sun sdk 1.4.2 2

sun sdk 1.4.2 3

sun sdk 1.4.2 4

sun sdk 1.4.2 5

sun sdk 1.4.2 6

sun sdk 1.4.2 7

sun sdk 1.4.2 8

sun sdk 1.4.2 9

sun sdk 1.4.2 10

sun sdk 1.4.2 11

sun sdk 1.4.2 12

sun sdk 1.4.2 13

sun sdk 1.4.2 14

sun sdk 1.4.2 15

sun sdk 1.4.2 16

sun sdk 1.4.2 17

Vendor Advisories

It was discovered that Java did not correctly handle untrusted applets If a user were tricked into running a malicious applet, a remote attacker could gain user privileges, or list directory contents (CVE-2008-5347, CVE-2008-5350) ...
Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that correct several security issues arenow available for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by t ...
Synopsis Critical: java-142-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-142-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4Extras, and Red Hat Enterprise Linux 5 SupplementaryThis updat ...
Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by the R ...
Synopsis Critical: java-150-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-150-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by the R ...
Synopsis Critical: java-150-sun security update Type/Severity Security Advisory: Critical Topic Updated java-150-sun packages that correct several security issues arenow available for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by t ...
Synopsis Low: java-150-ibm security update Type/Severity Security Advisory: Low Topic Updated java-150-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite ServerThis update has been rated as having low security impact by the Red HatSecurity Response Team ...

References

NVD-CWE-noinfohttps://nvd.nist.govhttps://usn.ubuntu.com/713-1/https://www.first.org/epsshttp://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlhttp://marc.info/?l=bugtraq&m=123678756409861&w=2http://marc.info/?l=bugtraq&m=123678756409861&w=2http://marc.info/?l=bugtraq&m=126583436323697&w=2http://marc.info/?l=bugtraq&m=126583436323697&w=2http://osvdb.org/50505http://rhn.redhat.com/errata/RHSA-2008-1018.htmlhttp://rhn.redhat.com/errata/RHSA-2008-1025.htmlhttp://secunia.com/advisories/32991http://secunia.com/advisories/33015http://secunia.com/advisories/33528http://secunia.com/advisories/33709http://secunia.com/advisories/33710http://secunia.com/advisories/34233http://secunia.com/advisories/34259http://secunia.com/advisories/34605http://secunia.com/advisories/34889http://secunia.com/advisories/34972http://secunia.com/advisories/35065http://secunia.com/advisories/37386http://secunia.com/advisories/38539http://security.gentoo.org/glsa/glsa-200911-02.xmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-246346-1http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019797.1-1http://support.avaya.com/elmodocs2/security/ASA-2009-012.htmhttp://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=http://www.redhat.com/support/errata/RHSA-2009-0015.htmlhttp://www.redhat.com/support/errata/RHSA-2009-0016.htmlhttp://www.redhat.com/support/errata/RHSA-2009-0445.htmlhttp://www.securityfocus.com/bid/32608http://www.us-cert.gov/cas/techalerts/TA08-340A.htmlhttp://www.vupen.com/english/advisories/2009/0672http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdfhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6549https://rhn.redhat.com/errata/RHSA-2009-0466.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlhttp://marc.info/?l=bugtraq&m=123678756409861&w=2http://marc.info/?l=bugtraq&m=123678756409861&w=2http://marc.info/?l=bugtraq&m=126583436323697&w=2http://marc.info/?l=bugtraq&m=126583436323697&w=2http://osvdb.org/50505http://rhn.redhat.com/errata/RHSA-2008-1018.htmlhttp://rhn.redhat.com/errata/RHSA-2008-1025.htmlhttp://secunia.com/advisories/32991http://secunia.com/advisories/33015http://secunia.com/advisories/33528http://secunia.com/advisories/33709http://secunia.com/advisories/33710http://secunia.com/advisories/34233http://secunia.com/advisories/34259http://secunia.com/advisories/34605http://secunia.com/advisories/34889http://secunia.com/advisories/34972http://secunia.com/advisories/35065http://secunia.com/advisories/37386http://secunia.com/advisories/38539http://security.gentoo.org/glsa/glsa-200911-02.xmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-246346-1http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019797.1-1http://support.avaya.com/elmodocs2/security/ASA-2009-012.htmhttp://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=http://www.redhat.com/support/errata/RHSA-2009-0015.htmlhttp://www.redhat.com/support/errata/RHSA-2009-0016.htmlhttp://www.redhat.com/support/errata/RHSA-2009-0445.htmlhttp://www.securityfocus.com/bid/32608http://www.us-cert.gov/cas/techalerts/TA08-340A.htmlhttp://www.vupen.com/english/advisories/2009/0672http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdfhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6549https://rhn.redhat.com/errata/RHSA-2009-0466.html