9.3

CVE-2008-5359

Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the Java AWT library.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJre Version1.3.1
SunJre Version1.3.1_2
SunJre Version1.3.1_03
SunJre Version1.3.1_04
SunJre Version1.3.1_05
SunJre Version1.3.1_06
SunJre Version1.3.1_07
SunJre Version1.3.1_08
SunJre Version1.3.1_09
SunJre Version1.3.1_10
SunJre Version1.3.1_11
SunJre Version1.3.1_12
SunJre Version1.3.1_13
SunJre Version1.3.1_14
SunJre Version1.3.1_15
SunJre Version1.3.1_16
SunJre Version1.3.1_17
SunJre Version1.3.1_18
SunJre Version1.3.1_19
SunJre Version1.3.1_20
SunJre Version1.3.1_21
SunJre Version1.3.1_22
SunJre Version1.3.1_23
SunJre Version1.4.2
SunJre Version1.4.2_1
SunJre Version1.4.2_2
SunJre Version1.4.2_3
SunJre Version1.4.2_4
SunJre Version1.4.2_5
SunJre Version1.4.2_6
SunJre Version1.4.2_7
SunJre Version1.4.2_8
SunJre Version1.4.2_9
SunJre Version1.4.2_10
SunJre Version1.4.2_11
SunJre Version1.4.2_12
SunJre Version1.4.2_13
SunJre Version1.4.2_14
SunJre Version1.4.2_15
SunJre Version1.4.2_16
SunJre Version1.4.2_17
SunJre Version1.4.2_18
SunJre Version1.5.0
SunJre Version1.5.0 Updateupdate1
SunJre Version1.5.0 Updateupdate10
SunJre Version1.5.0 Updateupdate11
SunJre Version1.5.0 Updateupdate12
SunJre Version1.5.0 Updateupdate13
SunJre Version1.5.0 Updateupdate14
SunJre Version1.5.0 Updateupdate15
SunJre Version1.5.0 Updateupdate16
SunJre Version1.5.0 Updateupdate2
SunJre Version1.6.0
SunJre Version1.6.0 Updateupdate_1
SunJre Version1.6.0 Updateupdate_10
SunJre Version1.6.0 Updateupdate_2
SunJre Version1.6.0 Updateupdate_3
SunJre Version1.6.0 Updateupdate_4
SunJre Version1.6.0 Updateupdate_5
SunJre Version1.6.0 Updateupdate_6
SunJdk Version1.5.0
SunJdk Version1.5.0 Updateupdate1
SunJdk Version1.5.0 Updateupdate10
SunJdk Version1.5.0 Updateupdate2
SunJdk Version1.5.0 Updateupdate3
SunJdk Version1.5.0 Updateupdate4
SunJdk Version1.5.0 Updateupdate5
SunJdk Version1.5.0 Updateupdate6
SunJdk Version1.5.0 Updateupdate7
SunJdk Version1.5.0 Updateupdate7_b03
SunJdk Version1.5.0 Updateupdate8
SunJdk Version1.5.0 Updateupdate9
SunJdk Version1.6.0
SunJdk Version1.6.0 Updateupdate_10
SunJdk Version1.6.0 Updateupdate_3
SunJdk Version1.6.0 Updateupdate_4
SunJdk Version1.6.0 Updateupdate_5
SunJdk Version1.6.0 Updateupdate_6
SunJdk Version1.6.0 Updateupdate_7
SunSdk Version1.3.1
SunSdk Version1.3.1_01
SunSdk Version1.3.1_01a
SunSdk Version1.3.1_02
SunSdk Version1.3.1_03
SunSdk Version1.3.1_04
SunSdk Version1.3.1_05
SunSdk Version1.3.1_06
SunSdk Version1.3.1_07
SunSdk Version1.3.1_08
SunSdk Version1.3.1_09
SunSdk Version1.3.1_10
SunSdk Version1.3.1_11
SunSdk Version1.3.1_12
SunSdk Version1.3.1_13
SunSdk Version1.3.1_14
SunSdk Version1.3.1_15
SunSdk Version1.3.1_16
SunSdk Version1.3.1_17
SunSdk Version1.3.1_18
SunSdk Version1.3.1_19
SunSdk Version1.3.1_20
SunSdk Version1.3.1_21
SunSdk Version1.3.1_22
SunSdk Version1.3.1_23
SunSdk Version1.4.2
SunSdk Version1.4.2_1
SunSdk Version1.4.2_2
SunSdk Version1.4.2_02
SunSdk Version1.4.2_03
SunSdk Version1.4.2_3
SunSdk Version1.4.2_04
SunSdk Version1.4.2_4
SunSdk Version1.4.2_5
SunSdk Version1.4.2_6
SunSdk Version1.4.2_7
SunSdk Version1.4.2_8
SunSdk Version1.4.2_08
SunSdk Version1.4.2_09
SunSdk Version1.4.2_9
SunSdk Version1.4.2_10
SunSdk Version1.4.2_11
SunSdk Version1.4.2_12
SunSdk Version1.4.2_13
SunSdk Version1.4.2_14
SunSdk Version1.4.2_15
SunSdk Version1.4.2_16
SunSdk Version1.4.2_17
SunSdk Version1.4.2_18
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 35.13% 0.969
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://marc.info/?l=bugtraq&m=123678756409861&w=2
Third Party Advisory
Mailing List
http://marc.info/?l=bugtraq&m=126583436323697&w=2
Third Party Advisory
Mailing List
http://www.us-cert.gov/cas/techalerts/TA08-340A.html
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/32608
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/47048
Third Party Advisory
VDB Entry
Mailing List