CVE-2008-1188 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 96%

Affected Products (NVD)

Vendor	Product	Version
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.6.0
sun	jdk	1.6.0
sun	jdk	1.6.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

sun-java5

dapper	ignored
edgy	ignored
feisty	ignored
gutsy	ignored
hardy	Fixed 1.5.0-15-0ubuntu1 released
intrepid	Fixed 1.5.0-15-0ubuntu1 released
jaunty	Fixed 1.5.0-15-0ubuntu1 released
karmic	dne

sun-java6

dapper	dne
edgy	dne
feisty	ignored
gutsy	ignored
hardy	Fixed 6-05-0ubuntu1 released
intrepid	Fixed 6-05-0ubuntu1 released
jaunty	Fixed 6-05-0ubuntu1 released
karmic	Fixed 6-05-0ubuntu1 released

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

http://secunia.com/advisories/29239

http://secunia.com/advisories/29273

http://secunia.com/advisories/29498

http://secunia.com/advisories/29582

http://secunia.com/advisories/29858

http://secunia.com/advisories/29897

http://secunia.com/advisories/30676

http://secunia.com/advisories/30780

http://secunia.com/advisories/31497

http://secunia.com/advisories/32018

http://security.gentoo.org/glsa/glsa-200804-28.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1

http://support.apple.com/kb/HT3178

http://support.apple.com/kb/HT3179

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml

http://www.redhat.com/support/errata/RHSA-2008-0186.html

http://www.redhat.com/support/errata/RHSA-2008-0210.html

http://www.redhat.com/support/errata/RHSA-2008-0267.html

http://www.securitytracker.com/id?1019549

http://www.us-cert.gov/cas/techalerts/TA08-066A.html

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

http://www.vupen.com/english/advisories/2008/0770/references

http://www.vupen.com/english/advisories/2008/1856/references

http://www.zerodayinitiative.com/advisories/ZDI-08-009/

http://www.zerodayinitiative.com/advisories/ZDI-08-010/

https://exchange.xforce.ibmcloud.com/vulnerabilities/41029

https://exchange.xforce.ibmcloud.com/vulnerabilities/41133

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11209

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

http://secunia.com/advisories/29239

http://secunia.com/advisories/29273

http://secunia.com/advisories/29498

http://secunia.com/advisories/29582

http://secunia.com/advisories/29858

http://secunia.com/advisories/29897

http://secunia.com/advisories/30676

http://secunia.com/advisories/30780

http://secunia.com/advisories/31497

http://secunia.com/advisories/32018

http://security.gentoo.org/glsa/glsa-200804-28.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1

http://support.apple.com/kb/HT3178

http://support.apple.com/kb/HT3179

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml

http://www.redhat.com/support/errata/RHSA-2008-0186.html

http://www.redhat.com/support/errata/RHSA-2008-0210.html

http://www.redhat.com/support/errata/RHSA-2008-0267.html

http://www.securitytracker.com/id?1019549

http://www.us-cert.gov/cas/techalerts/TA08-066A.html

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

http://www.vupen.com/english/advisories/2008/0770/references

http://www.vupen.com/english/advisories/2008/1856/references

http://www.zerodayinitiative.com/advisories/ZDI-08-009/

http://www.zerodayinitiative.com/advisories/ZDI-08-010/

https://exchange.xforce.ibmcloud.com/vulnerabilities/41029

https://exchange.xforce.ibmcloud.com/vulnerabilities/41133

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11209