← Voltar para CVEs

CVE-2008-1188

N/A

Descricao

Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues."

Detalhes CVE

Pontuacao CVSS v3.1N/A

Publicado3/6/2008

Ultima modificacao4/9/2025

Fontenvd

Avistamentos honeypot0

Produtos afetados

sun:jdksun:jre

Fraquezas (CWE)

CWE-119

Referencias

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html(cve@mitre.org)

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html(cve@mitre.org)

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html(cve@mitre.org)

http://secunia.com/advisories/29239(cve@mitre.org)

http://secunia.com/advisories/29273(cve@mitre.org)

http://secunia.com/advisories/29498(cve@mitre.org)

http://secunia.com/advisories/29582(cve@mitre.org)

http://secunia.com/advisories/29858(cve@mitre.org)

http://secunia.com/advisories/29897(cve@mitre.org)

http://secunia.com/advisories/30676(cve@mitre.org)

http://secunia.com/advisories/30780(cve@mitre.org)

http://secunia.com/advisories/31497(cve@mitre.org)

http://secunia.com/advisories/32018(cve@mitre.org)

http://security.gentoo.org/glsa/glsa-200804-28.xml(cve@mitre.org)

http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1(cve@mitre.org)

http://support.apple.com/kb/HT3178(cve@mitre.org)

http://support.apple.com/kb/HT3179(cve@mitre.org)

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml(cve@mitre.org)

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2008-0186.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2008-0210.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2008-0267.html(cve@mitre.org)

http://www.securitytracker.com/id?1019549(cve@mitre.org)

http://www.us-cert.gov/cas/techalerts/TA08-066A.html(cve@mitre.org)

http://www.vmware.com/security/advisories/VMSA-2008-0010.html(cve@mitre.org)

http://www.vupen.com/english/advisories/2008/0770/references(cve@mitre.org)

http://www.vupen.com/english/advisories/2008/1856/references(cve@mitre.org)

http://www.zerodayinitiative.com/advisories/ZDI-08-009/(cve@mitre.org)

http://www.zerodayinitiative.com/advisories/ZDI-08-010/(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/41029(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/41133(cve@mitre.org)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11209(cve@mitre.org)

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/29239(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/29273(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/29498(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/29582(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/29858(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/29897(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/30676(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/30780(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/31497(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/32018(af854a3a-2127-422b-91ae-364da2661108)

http://security.gentoo.org/glsa/glsa-200804-28.xml(af854a3a-2127-422b-91ae-364da2661108)

http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1(af854a3a-2127-422b-91ae-364da2661108)

http://support.apple.com/kb/HT3178(af854a3a-2127-422b-91ae-364da2661108)

http://support.apple.com/kb/HT3179(af854a3a-2127-422b-91ae-364da2661108)

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml(af854a3a-2127-422b-91ae-364da2661108)

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2008-0186.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2008-0210.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2008-0267.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1019549(af854a3a-2127-422b-91ae-364da2661108)

http://www.us-cert.gov/cas/techalerts/TA08-066A.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.vmware.com/security/advisories/VMSA-2008-0010.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2008/0770/references(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2008/1856/references(af854a3a-2127-422b-91ae-364da2661108)

http://www.zerodayinitiative.com/advisories/ZDI-08-009/(af854a3a-2127-422b-91ae-364da2661108)

http://www.zerodayinitiative.com/advisories/ZDI-08-010/(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/41029(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/41133(af854a3a-2127-422b-91ae-364da2661108)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11209(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.