CVE-2008-0657

EUVD-2008-0667
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
sunjre
𝑥
≤ 1.5.0
sunjre
𝑥
≤ 1.6.0
sunjdk
𝑥
≤ 5.0_update13
sunjre
𝑥
≤ 1.6.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sun-java5
dapper
ignored
edgy
ignored
feisty
ignored
gutsy
ignored
hardy
Fixed 1.5.0-14-0ubuntu1
released
intrepid
Fixed 1.5.0-14-0ubuntu1
released
jaunty
Fixed 1.5.0-14-0ubuntu1
released
karmic
dne
sun-java6
dapper
dne
edgy
dne
feisty
ignored
gutsy
Fixed 6-02-0ubuntu1
released
hardy
Fixed 6-02-0ubuntu1
released
intrepid
Fixed 6-02-0ubuntu1
released
jaunty
Fixed 6-02-0ubuntu1
released
karmic
Fixed 6-02-0ubuntu1
released
Common Weakness Enumeration
References
http://dev2dev.bea.com/pub/advisory/277
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://secunia.com/advisories/28795
http://secunia.com/advisories/28888
http://secunia.com/advisories/29214
http://secunia.com/advisories/29498
http://secunia.com/advisories/29841
http://secunia.com/advisories/29858
http://secunia.com/advisories/29897
http://secunia.com/advisories/30676
http://secunia.com/advisories/30780
http://secunia.com/advisories/31497
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://www.redhat.com/support/errata/RHSA-2008-0123.html
http://www.redhat.com/support/errata/RHSA-2008-0156.html
http://www.redhat.com/support/errata/RHSA-2008-0210.html
http://www.securityfocus.com/bid/27650
http://www.securitytracker.com/id?1019308
http://www.vmware.com/security/advisories/VMSA-2008-0010.html
http://www.vupen.com/english/advisories/2008/0429
http://www.vupen.com/english/advisories/2008/1252
http://www.vupen.com/english/advisories/2008/1856/references
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11505
http://dev2dev.bea.com/pub/advisory/277
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://secunia.com/advisories/28795
http://secunia.com/advisories/28888
http://secunia.com/advisories/29214
http://secunia.com/advisories/29498
http://secunia.com/advisories/29841
http://secunia.com/advisories/29858
http://secunia.com/advisories/29897
http://secunia.com/advisories/30676
http://secunia.com/advisories/30780
http://secunia.com/advisories/31497
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://www.redhat.com/support/errata/RHSA-2008-0123.html
http://www.redhat.com/support/errata/RHSA-2008-0156.html
http://www.redhat.com/support/errata/RHSA-2008-0210.html
http://www.securityfocus.com/bid/27650
http://www.securitytracker.com/id?1019308
http://www.vmware.com/security/advisories/VMSA-2008-0010.html
http://www.vupen.com/english/advisories/2008/0429
http://www.vupen.com/english/advisories/2008/1252
http://www.vupen.com/english/advisories/2008/1856/references
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11505