CVE-2008-0657

HIGH

Description

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

References

http://dev2dev.bea.com/pub/advisory/277

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

http://secunia.com/advisories/28795

http://secunia.com/advisories/28888

http://secunia.com/advisories/29214

http://secunia.com/advisories/29498

http://secunia.com/advisories/29841

http://secunia.com/advisories/29858

http://secunia.com/advisories/29897

http://secunia.com/advisories/30676

http://secunia.com/advisories/30780

http://secunia.com/advisories/31497

http://security.gentoo.org/glsa/glsa-200804-28.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml

http://www.redhat.com/support/errata/RHSA-2008-0123.html

http://www.redhat.com/support/errata/RHSA-2008-0156.html

http://www.redhat.com/support/errata/RHSA-2008-0210.html

http://www.securityfocus.com/bid/27650

http://www.securitytracker.com/id?1019308

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

http://www.vupen.com/english/advisories/2008/0429

http://www.vupen.com/english/advisories/2008/1252

http://www.vupen.com/english/advisories/2008/1856/references

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11505

Details

Source: MITRE

Published: 2008-02-07

Updated: 2017-09-29

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH