7.1

CVE-2008-5346

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file.

Data is provided by the National Vulnerability Database (NVD)
SunJre Version1.3.1
SunJre Version1.3.1_2
SunJre Version1.3.1_03
SunJre Version1.3.1_04
SunJre Version1.3.1_05
SunJre Version1.3.1_06
SunJre Version1.3.1_07
SunJre Version1.3.1_08
SunJre Version1.3.1_09
SunJre Version1.3.1_10
SunJre Version1.3.1_11
SunJre Version1.3.1_12
SunJre Version1.3.1_13
SunJre Version1.3.1_14
SunJre Version1.3.1_15
SunJre Version1.3.1_16
SunJre Version1.3.1_17
SunJre Version1.3.1_18
SunJre Version1.3.1_19
SunJre Version1.3.1_20
SunJre Version1.3.1_21
SunJre Version1.3.1_22
SunJre Version1.3.1_23
SunJre Version1.4.2
SunJre Version1.4.2_1
SunJre Version1.4.2_2
SunJre Version1.4.2_3
SunJre Version1.4.2_4
SunJre Version1.4.2_5
SunJre Version1.4.2_6
SunJre Version1.4.2_7
SunJre Version1.4.2_8
SunJre Version1.4.2_9
SunJre Version1.4.2_10
SunJre Version1.4.2_11
SunJre Version1.4.2_12
SunJre Version1.4.2_13
SunJre Version1.4.2_14
SunJre Version1.4.2_15
SunJre Version1.4.2_16
SunJre Version1.4.2_17
SunJre Version1.4.2_18
SunJre Version1.5.0 Update-
SunJre Version1.5.0 Updateupdate1
SunJre Version1.5.0 Updateupdate10
SunJre Version1.5.0 Updateupdate11
SunJre Version1.5.0 Updateupdate12
SunJre Version1.5.0 Updateupdate13
SunJre Version1.5.0 Updateupdate14
SunJre Version1.5.0 Updateupdate15
SunJre Version1.5.0 Updateupdate16
SunJre Version1.5.0 Updateupdate2
SunJdk Version1.5.0 Update-
SunJdk Version1.5.0 Updateupdate1
SunJdk Version1.5.0 Updateupdate10
SunJdk Version1.5.0 Updateupdate11
SunJdk Version1.5.0 Updateupdate11_b03
SunJdk Version1.5.0 Updateupdate12
SunJdk Version1.5.0 Updateupdate13
SunJdk Version1.5.0 Updateupdate14
SunJdk Version1.5.0 Updateupdate15
SunJdk Version1.5.0 Updateupdate16
SunJdk Version1.5.0 Updateupdate2
SunJdk Version1.5.0 Updateupdate3
SunJdk Version1.5.0 Updateupdate4
SunJdk Version1.5.0 Updateupdate5
SunJdk Version1.5.0 Updateupdate6
SunJdk Version1.5.0 Updateupdate7
SunJdk Version1.5.0 Updateupdate7_b03
SunJdk Version1.5.0 Updateupdate8
SunJdk Version1.5.0 Updateupdate9
SunSdk Version1.3.1
SunSdk Version1.3.1_01
SunSdk Version1.3.1_01a
SunSdk Version1.3.1_02
SunSdk Version1.3.1_03
SunSdk Version1.3.1_04
SunSdk Version1.3.1_05
SunSdk Version1.3.1_06
SunSdk Version1.3.1_07
SunSdk Version1.3.1_08
SunSdk Version1.3.1_09
SunSdk Version1.3.1_10
SunSdk Version1.3.1_11
SunSdk Version1.3.1_12
SunSdk Version1.3.1_13
SunSdk Version1.3.1_14
SunSdk Version1.3.1_15
SunSdk Version1.3.1_16
SunSdk Version1.3.1_17
SunSdk Version1.3.1_18
SunSdk Version1.3.1_19
SunSdk Version1.3.1_20
SunSdk Version1.3.1_21
SunSdk Version1.3.1_22
SunSdk Version1.3.1_23
SunSdk Version1.4.2
SunSdk Version1.4.2_1
SunSdk Version1.4.2_2
SunSdk Version1.4.2_02
SunSdk Version1.4.2_03
SunSdk Version1.4.2_3
SunSdk Version1.4.2_04
SunSdk Version1.4.2_4
SunSdk Version1.4.2_5
SunSdk Version1.4.2_6
SunSdk Version1.4.2_7
SunSdk Version1.4.2_8
SunSdk Version1.4.2_08
SunSdk Version1.4.2_09
SunSdk Version1.4.2_9
SunSdk Version1.4.2_10
SunSdk Version1.4.2_11
SunSdk Version1.4.2_12
SunSdk Version1.4.2_13
SunSdk Version1.4.2_14
SunSdk Version1.4.2_15
SunSdk Version1.4.2_16
SunSdk Version1.4.2_17
SunSdk Version1.4.2_18
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 4% 0.88
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:C/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.us-cert.gov/cas/techalerts/TA08-340A.html
Third Party Advisory
US Government Resource
http://www.securitytracker.com/id?1021306
Third Party Advisory
VDB Entry