Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/31010
http://secunia.com/advisories/31055
http://secunia.com/advisories/31497
http://secunia.com/advisories/31600
http://secunia.com/advisories/32018
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://www.redhat.com/support/errata/RHSA-2008-0594.html
http://www.redhat.com/support/errata/RHSA-2008-0595.html
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.securityfocus.com/bid/30141
http://www.securitytracker.com/id?1020455
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabilities/43659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219
OR
cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:*:update_15:*:*:*:*:*:* versions up to 5.0 (inclusive)
cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:* versions up to 6 (inclusive)
cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_01:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:* versions up to 1.4.2_17 (inclusive)
cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update_15:*:*:*:*:*:* versions up to 5.0 (inclusive)
cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*
cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update_6:*:*:*:*:*:* versions up to 6 (inclusive)
cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:* versions up to 1.4.2_17 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
69874 | Juniper NSM Servers Multiple Java JDK/JRE Vulnerabilities (PSN-2012-08-689) | Nessus | Misc. | critical |
64833 | Sun Java JDK/JRE 6 < Update 7 Multiple Vulnerabilities (Unix) | Nessus | Misc. | critical |
64832 | Sun Java JDK/JRE 5 < Update 16 Multiple Vulnerabilities (Unix) | Nessus | Misc. | critical |
64817 | Sun Java J2SE 1.4.2 < Update 18 Multiple Vulnerabilities (Unix) | Nessus | Misc. | critical |
63858 | RHEL 5 : java-1.6.0-sun (RHSA-2008:0594) | Nessus | Red Hat Local Security Checks | critical |
60440 | Scientific Linux Security Update : java (jdk 1.5.0) on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
43841 | RHEL 4 : Sun Java Runtime in Satellite Server (RHSA-2008:0636) | Nessus | Red Hat Local Security Checks | critical |
42834 | GLSA-200911-02 : Sun JDK/JRE: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
41224 | SuSE9 Security Update : Java2 (YOU Patch Number 12206) | Nessus | SuSE Local Security Checks | critical |
40723 | RHEL 4 / 5 : java-1.5.0-sun (RHSA-2008:0595) | Nessus | Red Hat Local Security Checks | critical |
40383 | VMSA-2008-0016 : VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues | Nessus | VMware ESX Local Security Checks | critical |
40001 | openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-97) | Nessus | SuSE Local Security Checks | critical |
39996 | openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-96) | Nessus | SuSE Local Security Checks | critical |
34291 | Mac OS X : Java for Mac OS X 10.4 Release 7 | Nessus | MacOS X Local Security Checks | high |
34290 | Mac OS X : Java for Mac OS X 10.5 Update 2 | Nessus | MacOS X Local Security Checks | high |
34038 | openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-5435) | Nessus | SuSE Local Security Checks | critical |
34037 | openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-5434) | Nessus | SuSE Local Security Checks | critical |
34036 | SuSE 10 Security Update : Java 1.4.2 (ZYPP Patch Number 5431) | Nessus | SuSE Local Security Checks | critical |
34035 | openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-5430) | Nessus | SuSE Local Security Checks | critical |
33488 | Sun Java JDK/JRE 6 < Update 7 Multiple Vulnerabilities | Nessus | Windows | high |
33487 | Sun Java JDK/JRE 5 < Update 16 Multiple Vulnerabilities | Nessus | Windows | high |
33486 | Sun Java J2SE 1.4.2 < Update 18 Multiple Vulnerabilities | Nessus | Windows | high |