6.8
CVE-2008-1189
- EPSS 7.19%
- Veröffentlicht 06.03.2008 21:44:00
- Zuletzt bearbeitet 16.06.2026 22:51:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.19% | 0.935 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/29858
http://secunia.com/advisories/30780
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://secunia.com/advisories/29897
http://secunia.com/advisories/30676
http://www.vmware.com/security/advisories/VMSA-2008-0010.html
http://www.vupen.com/english/advisories/2008/1856/references
http://secunia.com/advisories/29498
http://secunia.com/advisories/31497
http://www.redhat.com/support/errata/RHSA-2008-0210.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html
http://secunia.com/advisories/29239
http://secunia.com/advisories/29273
http://secunia.com/advisories/29582
http://secunia.com/advisories/32018
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://www.redhat.com/support/errata/RHSA-2008-0186.html
http://www.us-cert.gov/cas/techalerts/TA08-066A.html
http://www.vupen.com/english/advisories/2008/0770/references
http://www.redhat.com/support/errata/RHSA-2008-0267.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1
http://www.securitytracker.com/id?1019549
https://exchange.xforce.ibmcloud.com/vulnerabilities/41029
https://exchange.xforce.ibmcloud.com/vulnerabilities/41133
https://exchange.xforce.ibmcloud.com/vulnerabilities/41135
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9582