Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5347

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5347
Last Modified 07 Mar 2011 10:14:26
Published 05 Dec 2008 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5347

Summary

Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages.

Vulnerable Systems

Application

  • Sun Jdk 6

  • Sun Jre 6


References

CERT - TA08-340A

SUNALERT - 246366

XF - jre-jaxws-jaxb-privilege-escalation(47068)

CONFIRM - http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf

VUPEN - ADV-2009-0672

VUPEN - ADV-2008-3339

SECTRACK - 1021307

BID - 32608

REDHAT - RHSA-2009:0015

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=

SUNALERT - 1019798

GENTOO - GLSA-200911-02

SECUNIA - 38539

SECUNIA - 37386

SECUNIA - 34259

SECUNIA - 34233

SECUNIA - 33709

SECUNIA - 33528

SECUNIA - 33015

SECUNIA - 32991

REDHAT - RHSA-2008:1018

OSVDB - 50506

HP - HPSBUX02411

SUSE - SUSE-SR:2009:006

HP - SSRT080111

Related Patches

Apple 2009-06-15 Java for Mac OS X 10.5 Update 4

Novell SUSE 2008:5852 java-1_4_2-sun security update for SLE 10 SP2 i586


Last Updated: 27 May 2016 10:49:59