CVE-2008-0657

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-0657
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://dev2dev.bea.com/pub/advisory/277
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://secunia.com/advisories/28795 Patch Vendor Advisory
http://secunia.com/advisories/28888
http://secunia.com/advisories/29214
http://secunia.com/advisories/29498
http://secunia.com/advisories/29841
http://secunia.com/advisories/29858
http://secunia.com/advisories/29897
http://secunia.com/advisories/30676
http://secunia.com/advisories/30780
http://secunia.com/advisories/31497
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://www.redhat.com/support/errata/RHSA-2008-0123.html
http://www.redhat.com/support/errata/RHSA-2008-0156.html
http://www.redhat.com/support/errata/RHSA-2008-0210.html
http://www.securityfocus.com/bid/27650
http://www.securitytracker.com/id?1019308
http://www.vmware.com/security/advisories/VMSA-2008-0010.html
http://www.vupen.com/english/advisories/2008/0429
http://www.vupen.com/english/advisories/2008/1252
http://www.vupen.com/english/advisories/2008/1856/references
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11505
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sun:jre:*:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update1:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update1:*:*:*:*:*:*
History

No history.

Information

Published : 2008-02-07 21:00

Updated : 2017-09-29 01:30

NVD link : CVE-2008-0657

Mitre link : CVE-2008-0657

CVE.ORG link : CVE-2008-0657

JSON object : View

Products Affected

sun

  • jre
  • jdk
CWE
CWE-264

Permissions, Privileges, and Access Controls