Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1186

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-1186
Last Modified 07 Mar 2011 12:00:00
Published 06 Mar 2008 04:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1186

Summary

Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."

Vulnerable Systems

Application

  • Sun Jdk 1.4.2 16

  • Sun Jdk 5.0 Update13

  • Sun Jre 1.4.2 16

  • Sun Jre 1.5.0


References

CERT - TA08-066A

SUNALERT - 233321

XF - sun-jre-unspecified-priv-escalation(41138)

XF - java-virtualmachine-multiple-priv-escalation(41025)

VUPEN - ADV-2008-1856

VUPEN - ADV-2008-0770

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0010.html

REDHAT - RHSA-2008:0186

GENTOO - GLSA-200806-11

GENTOO - GLSA-200804-20

CONFIRM - http://support.apple.com/kb/HT3179

CONFIRM - http://support.apple.com/kb/HT3178

SECTRACK - 1019555

GENTOO - GLSA-200804-28

SECUNIA - 32018

SECUNIA - 30780

SECUNIA - 30676

SECUNIA - 29858

SECUNIA - 29582

SECUNIA - 29273

SECUNIA - 29239

SUSE - SUSE-SA:2008:018

APPLE - APPLE-SA-2008-09-24

Related Patches

Apple 2008-09-24 Java for Mac OS X 10.4 Release 7


Last Updated: 27 May 2016 10:47:03