CVE-2008-1187

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-1187
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://dev2dev.bea.com/pub/advisory/277
http://download.novell.com/Download?buildid=q5exhSqeBjA~ Patch
http://jvn.jp/en/jp/JVN04032535/index.html
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://secunia.com/advisories/29239 Vendor Advisory
http://secunia.com/advisories/29273 Vendor Advisory
http://secunia.com/advisories/29498 Vendor Advisory
http://secunia.com/advisories/29582 Vendor Advisory
http://secunia.com/advisories/29841 Vendor Advisory
http://secunia.com/advisories/29858 Vendor Advisory
http://secunia.com/advisories/29897 Vendor Advisory
http://secunia.com/advisories/29999 Vendor Advisory
http://secunia.com/advisories/30003 Vendor Advisory
http://secunia.com/advisories/30676 Vendor Advisory
http://secunia.com/advisories/30780 Vendor Advisory
http://secunia.com/advisories/31067 Vendor Advisory
http://secunia.com/advisories/31497 Vendor Advisory
http://secunia.com/advisories/31580 Vendor Advisory
http://secunia.com/advisories/31586 Vendor Advisory
http://secunia.com/advisories/32018 Vendor Advisory
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1 Patch Vendor Advisory
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://www.redhat.com/support/errata/RHSA-2008-0186.html
http://www.redhat.com/support/errata/RHSA-2008-0210.html
http://www.redhat.com/support/errata/RHSA-2008-0243.html
http://www.redhat.com/support/errata/RHSA-2008-0244.html
http://www.redhat.com/support/errata/RHSA-2008-0245.html
http://www.redhat.com/support/errata/RHSA-2008-0267.html
http://www.redhat.com/support/errata/RHSA-2008-0555.html
http://www.securitytracker.com/id?1019548
http://www.us-cert.gov/cas/techalerts/TA08-066A.html US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0010.html Patch
http://www.vupen.com/english/advisories/2008/0770/references Vendor Advisory
http://www.vupen.com/english/advisories/2008/1252 Vendor Advisory
http://www.vupen.com/english/advisories/2008/1856/references Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/41025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278
http://dev2dev.bea.com/pub/advisory/277
http://download.novell.com/Download?buildid=q5exhSqeBjA~ Patch
http://jvn.jp/en/jp/JVN04032535/index.html
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://secunia.com/advisories/29239 Vendor Advisory
http://secunia.com/advisories/29273 Vendor Advisory
http://secunia.com/advisories/29498 Vendor Advisory
http://secunia.com/advisories/29582 Vendor Advisory
http://secunia.com/advisories/29841 Vendor Advisory
http://secunia.com/advisories/29858 Vendor Advisory
http://secunia.com/advisories/29897 Vendor Advisory
http://secunia.com/advisories/29999 Vendor Advisory
http://secunia.com/advisories/30003 Vendor Advisory
http://secunia.com/advisories/30676 Vendor Advisory
http://secunia.com/advisories/30780 Vendor Advisory
http://secunia.com/advisories/31067 Vendor Advisory
http://secunia.com/advisories/31497 Vendor Advisory
http://secunia.com/advisories/31580 Vendor Advisory
http://secunia.com/advisories/31586 Vendor Advisory
http://secunia.com/advisories/32018 Vendor Advisory
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1 Patch Vendor Advisory
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://www.redhat.com/support/errata/RHSA-2008-0186.html
http://www.redhat.com/support/errata/RHSA-2008-0210.html
http://www.redhat.com/support/errata/RHSA-2008-0243.html
http://www.redhat.com/support/errata/RHSA-2008-0244.html
http://www.redhat.com/support/errata/RHSA-2008-0245.html
http://www.redhat.com/support/errata/RHSA-2008-0267.html
http://www.redhat.com/support/errata/RHSA-2008-0555.html
http://www.securitytracker.com/id?1019548
http://www.us-cert.gov/cas/techalerts/TA08-066A.html US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0010.html Patch
http://www.vupen.com/english/advisories/2008/0770/references Vendor Advisory
http://www.vupen.com/english/advisories/2008/1252 Vendor Advisory
http://www.vupen.com/english/advisories/2008/1856/references Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/41025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sun:jdk:*:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:*:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_01:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_01:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
History

21 Nov 2024, 00:43

Type Values Removed Values Added
References () http://dev2dev.bea.com/pub/advisory/277 - () http://dev2dev.bea.com/pub/advisory/277 -
References () http://download.novell.com/Download?buildid=q5exhSqeBjA~ - Patch () http://download.novell.com/Download?buildid=q5exhSqeBjA~ - Patch
References () http://jvn.jp/en/jp/JVN04032535/index.html - () http://jvn.jp/en/jp/JVN04032535/index.html -
References () http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html - () http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html -
References () http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html - () http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html -
References () http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html - () http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html -
References () http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html - () http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html -
References () http://secunia.com/advisories/29239 - Vendor Advisory () http://secunia.com/advisories/29239 - Vendor Advisory
References () http://secunia.com/advisories/29273 - Vendor Advisory () http://secunia.com/advisories/29273 - Vendor Advisory
References () http://secunia.com/advisories/29498 - Vendor Advisory () http://secunia.com/advisories/29498 - Vendor Advisory
References () http://secunia.com/advisories/29582 - Vendor Advisory () http://secunia.com/advisories/29582 - Vendor Advisory
References () http://secunia.com/advisories/29841 - Vendor Advisory () http://secunia.com/advisories/29841 - Vendor Advisory
References () http://secunia.com/advisories/29858 - Vendor Advisory () http://secunia.com/advisories/29858 - Vendor Advisory
References () http://secunia.com/advisories/29897 - Vendor Advisory () http://secunia.com/advisories/29897 - Vendor Advisory
References () http://secunia.com/advisories/29999 - Vendor Advisory () http://secunia.com/advisories/29999 - Vendor Advisory
References () http://secunia.com/advisories/30003 - Vendor Advisory () http://secunia.com/advisories/30003 - Vendor Advisory
References () http://secunia.com/advisories/30676 - Vendor Advisory () http://secunia.com/advisories/30676 - Vendor Advisory
References () http://secunia.com/advisories/30780 - Vendor Advisory () http://secunia.com/advisories/30780 - Vendor Advisory
References () http://secunia.com/advisories/31067 - Vendor Advisory () http://secunia.com/advisories/31067 - Vendor Advisory
References () http://secunia.com/advisories/31497 - Vendor Advisory () http://secunia.com/advisories/31497 - Vendor Advisory
References () http://secunia.com/advisories/31580 - Vendor Advisory () http://secunia.com/advisories/31580 - Vendor Advisory
References () http://secunia.com/advisories/31586 - Vendor Advisory () http://secunia.com/advisories/31586 - Vendor Advisory
References () http://secunia.com/advisories/32018 - Vendor Advisory () http://secunia.com/advisories/32018 - Vendor Advisory
References () http://security.gentoo.org/glsa/glsa-200804-28.xml - () http://security.gentoo.org/glsa/glsa-200804-28.xml -
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1 - Patch, Vendor Advisory () http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1 - Patch, Vendor Advisory
References () http://support.apple.com/kb/HT3178 - () http://support.apple.com/kb/HT3178 -
References () http://support.apple.com/kb/HT3179 - () http://support.apple.com/kb/HT3179 -
References () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html - () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html -
References () http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml - () http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml -
References () http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml - () http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml -
References () http://www.redhat.com/support/errata/RHSA-2008-0186.html - () http://www.redhat.com/support/errata/RHSA-2008-0186.html -
References () http://www.redhat.com/support/errata/RHSA-2008-0210.html - () http://www.redhat.com/support/errata/RHSA-2008-0210.html -
References () http://www.redhat.com/support/errata/RHSA-2008-0243.html - () http://www.redhat.com/support/errata/RHSA-2008-0243.html -
References () http://www.redhat.com/support/errata/RHSA-2008-0244.html - () http://www.redhat.com/support/errata/RHSA-2008-0244.html -
References () http://www.redhat.com/support/errata/RHSA-2008-0245.html - () http://www.redhat.com/support/errata/RHSA-2008-0245.html -
References () http://www.redhat.com/support/errata/RHSA-2008-0267.html - () http://www.redhat.com/support/errata/RHSA-2008-0267.html -
References () http://www.redhat.com/support/errata/RHSA-2008-0555.html - () http://www.redhat.com/support/errata/RHSA-2008-0555.html -
References () http://www.securitytracker.com/id?1019548 - () http://www.securitytracker.com/id?1019548 -
References () http://www.us-cert.gov/cas/techalerts/TA08-066A.html - US Government Resource () http://www.us-cert.gov/cas/techalerts/TA08-066A.html - US Government Resource
References () http://www.vmware.com/security/advisories/VMSA-2008-0010.html - Patch () http://www.vmware.com/security/advisories/VMSA-2008-0010.html - Patch
References () http://www.vupen.com/english/advisories/2008/0770/references - Vendor Advisory () http://www.vupen.com/english/advisories/2008/0770/references - Vendor Advisory
References () http://www.vupen.com/english/advisories/2008/1252 - Vendor Advisory () http://www.vupen.com/english/advisories/2008/1252 - Vendor Advisory
References () http://www.vupen.com/english/advisories/2008/1856/references - Vendor Advisory () http://www.vupen.com/english/advisories/2008/1856/references - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/41025 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/41025 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278 -
Information

Published : 2008-03-06 21:44

Updated : 2024-11-21 00:43

NVD link : CVE-2008-1187

Mitre link : CVE-2008-1187

CVE.ORG link : CVE-2008-1187

JSON object : View

Products Affected

sun

  • sdk
  • jre
  • jdk
CWE
CWE-264

Permissions, Privileges, and Access Controls

NVD-CWE-noinfo

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024