Published: 05/12/2008 Updated: 11/10/2018

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 632

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and previous versions, and JDK and JRE 5.0 Update 16 and previous versions, allows remote malicious users to cause a denial of service (CPU consumption) via a crafted RSA public key.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun jre 6
sun jdk 6
sun jdk
sun jdk 5.0
sun jre 5.0
sun jre

It was discovered that Java did not correctly handle untrusted applets If a user were tricked into running a malicious applet, a remote attacker could gain user privileges, or list directory contents (CVE-2008-5347, CVE-2008-5350) ...

Synopsis Critical: java-150-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-150-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by the R ...

Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that correct several security issues arenow available for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by t ...

Synopsis Low: java-150-ibm security update Type/Severity Security Advisory: Low Topic Updated java-150-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite ServerThis update has been rated as having low security impact by the Red HatSecurity Response Team ...

Synopsis Critical: java-150-sun security update Type/Severity Security Advisory: Critical Topic Updated java-150-sun packages that correct several security issues arenow available for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by t ...

NVD-CWE-noinfo http://sunsolve.sun.com/search/document.do?assetkey=1-26-246286-1 http://rhn.redhat.com/errata/RHSA-2008-1018.html http://secunia.com/advisories/33015 http://secunia.com/advisories/32991 http://rhn.redhat.com/errata/RHSA-2008-1025.html http://www.securityfocus.com/bid/32608 http://www.us-cert.gov/cas/techalerts/TA08-340A.html http://www.securitytracker.com/id?1021309 http://secunia.com/advisories/33709 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm http://www.redhat.com/support/errata/RHSA-2009-0016.html http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=http://secunia.com/advisories/34259 http://secunia.com/advisories/34972 https://rhn.redhat.com/errata/RHSA-2009-0466.html http://www.vupen.com/english/advisories/2009/1426 http://secunia.com/advisories/35255 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133 http://osvdb.org/50504 http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://security.gentoo.org/glsa/glsa-200911-02.xml http://secunia.com/advisories/37386 http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://support.avaya.com/elmodocs2/security/ASA-2008-491.htm http://www.vupen.com/english/advisories/2008/3339 https://exchange.xforce.ibmcloud.com/vulnerabilities/47064 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5843 http://www.securityfocus.com/archive/1/504010/100/0/threaded https://usn.ubuntu.com/713-1/https://nvd.nist.gov

CVE-2008-5349

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect