CVE-2008-5356 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 88%

Vendor	Product	Version
sun	jdk	𝑥 ≤ 5.0
sun	jdk	𝑥 ≤ 6
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jdk	5.0
sun	jre	𝑥 ≤ 1.4.2_18
sun	jre	𝑥 ≤ 5.0
sun	jre	𝑥 ≤ 6
sun	jre	1.4.2_1:_1
sun	jre	1.4.2_2:_2
sun	jre	1.4.2_3:_3
sun	jre	1.4.2_4:_4
sun	jre	1.4.2_5:_5
sun	jre	1.4.2_6:_6
sun	jre	1.4.2_7:_7
sun	jre	1.4.2_8:_8
sun	jre	1.4.2_9:_9
sun	jre	1.4.2_10:_10
sun	jre	1.4.2_11:_11
sun	jre	1.4.2_12:_12
sun	jre	1.4.2_13:_13
sun	jre	1.4.2_14:_14
sun	jre	1.4.2_15:_15
sun	jre	1.4.2_16:_16
sun	jre	1.4.2_17:_17
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	jre	5.0
sun	sdk	𝑥 ≤ 1.4.2_18
sun	sdk	1.4.2_1:_1
sun	sdk	1.4.2_2:_2
sun	sdk	1.4.2_3:_3
sun	sdk	1.4.2_4:_4
sun	sdk	1.4.2_5:_5
sun	sdk	1.4.2_6:_6
sun	sdk	1.4.2_7:_7
sun	sdk	1.4.2_8:_8
sun	sdk	1.4.2_9:_9
sun	sdk	1.4.2_10:_10
sun	sdk	1.4.2_11:_11
sun	sdk	1.4.2_12:_12
sun	sdk	1.4.2_13:_13
sun	sdk	1.4.2_14:_14
sun	sdk	1.4.2_15:_15
sun	sdk	1.4.2_16:_16
sun	sdk	1.4.2_17:_17

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

openjdk-6

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	not-affected
gutsy	dne
dapper	dne

sun-java5

karmic	dne
jaunty	Fixed 1.5.0-19-0ubuntu0.9.04 released
intrepid	Fixed 1.5.0-19-0ubuntu0.8.10 released
hardy	Fixed 1.5.0-22-0ubuntu0.8.04 released
gutsy	ignored
dapper	ignored

sun-java6

karmic	Fixed 6-15-1 released
jaunty	Fixed 6-16-0ubuntu1.9.04 released
intrepid	Fixed 6-14-0ubuntu1.8.10 released
hardy	Fixed 6-17-0ubuntu1.8.04 released
gutsy	ignored
dapper	dne

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=757

http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

http://marc.info/?l=bugtraq&m=123678756409861&w=2

http://marc.info/?l=bugtraq&m=123678756409861&w=2

http://marc.info/?l=bugtraq&m=126583436323697&w=2

http://marc.info/?l=bugtraq&m=126583436323697&w=2

http://osvdb.org/50516

http://rhn.redhat.com/errata/RHSA-2008-1018.html

http://rhn.redhat.com/errata/RHSA-2008-1025.html

http://secunia.com/advisories/32991

http://secunia.com/advisories/33015

http://secunia.com/advisories/33187

http://secunia.com/advisories/33710

http://secunia.com/advisories/34233

http://secunia.com/advisories/34259

http://secunia.com/advisories/34447

http://secunia.com/advisories/34605

http://secunia.com/advisories/34972

http://secunia.com/advisories/35065

http://secunia.com/advisories/37386

http://secunia.com/advisories/38539

http://security.gentoo.org/glsa/glsa-200911-02.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1

http://support.avaya.com/elmodocs2/security/ASA-2008-485.htm

http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=

http://www.redhat.com/support/errata/RHSA-2009-0016.html

http://www.redhat.com/support/errata/RHSA-2009-0369.html

http://www.securityfocus.com/bid/32608

http://www.us-cert.gov/cas/techalerts/TA08-340A.html

http://www.vupen.com/english/advisories/2008/3339

http://www.vupen.com/english/advisories/2009/0672

http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf

https://exchange.xforce.ibmcloud.com/vulnerabilities/47103

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6494

https://rhn.redhat.com/errata/RHSA-2009-0466.html

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=757

http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

http://marc.info/?l=bugtraq&m=123678756409861&w=2

http://marc.info/?l=bugtraq&m=123678756409861&w=2

http://marc.info/?l=bugtraq&m=126583436323697&w=2

http://marc.info/?l=bugtraq&m=126583436323697&w=2

http://osvdb.org/50516

http://rhn.redhat.com/errata/RHSA-2008-1018.html

http://rhn.redhat.com/errata/RHSA-2008-1025.html

http://secunia.com/advisories/32991

http://secunia.com/advisories/33015

http://secunia.com/advisories/33187

http://secunia.com/advisories/33710

http://secunia.com/advisories/34233

http://secunia.com/advisories/34259

http://secunia.com/advisories/34447

http://secunia.com/advisories/34605

http://secunia.com/advisories/34972

http://secunia.com/advisories/35065

http://secunia.com/advisories/37386

http://secunia.com/advisories/38539

http://security.gentoo.org/glsa/glsa-200911-02.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1

http://support.avaya.com/elmodocs2/security/ASA-2008-485.htm

http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=

http://www.redhat.com/support/errata/RHSA-2009-0016.html

http://www.redhat.com/support/errata/RHSA-2009-0369.html

http://www.securityfocus.com/bid/32608

http://www.us-cert.gov/cas/techalerts/TA08-340A.html

http://www.vupen.com/english/advisories/2008/3339

http://www.vupen.com/english/advisories/2009/0672

http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf

https://exchange.xforce.ibmcloud.com/vulnerabilities/47103

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6494

https://rhn.redhat.com/errata/RHSA-2009-0466.html