Lucene search

[email protected]CVE-2008-5349

HistoryDec 05, 2008 - 11:30 a.m.

CVE-2008-5349

2008-12-0511:30:00

[email protected]

web.nvd.nist.gov

cve-2008-5349

java

jre

vulnerability

denial of service

cpu consumption

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.1 Medium

AI Score

Confidence

High

0.077 Low

EPSS

Percentile

94.2%

JSON

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key.

Affected configurations

NVD

Node

sunjdkRange≤5.0update_16

sunjdkRange≤6update_10

sunjdkMatch5.0update_1

sunjdkMatch5.0update_10

sunjdkMatch5.0update_11

sunjdkMatch5.0update_12

sunjdkMatch5.0update_13

sunjdkMatch5.0update_14

sunjdkMatch5.0update_15

sunjdkMatch5.0update_2

sunjdkMatch5.0update_3

sunjdkMatch6

sunjdkMatch6update_1

sunjdkMatch6update_2

sunjdkMatch6update_3

sunjdkMatch6update_4

sunjdkMatch6update_5

sunjdkMatch6update_6

sunjdkMatch6update_7

sunjdkMatch6update_8

sunjreRange≤5.0update_16

sunjreRange≤6update_10

sunjreMatch5.0

sunjreMatch5.0update_1

sunjreMatch5.0update_10

sunjreMatch5.0update_11

sunjreMatch5.0update_12

sunjreMatch5.0update_13

sunjreMatch5.0update_14

sunjreMatch5.0update_15

sunjreMatch5.0update_2

sunjreMatch6

sunjreMatch6update_1

sunjreMatch6update_2

sunjreMatch6update_3

sunjreMatch6update_4

sunjreMatch6update_5

sunjreMatch6update_6

sunjreMatch6update_7

sunjreMatch6update_8

CPENameOperatorVersion
sun:jdksun jdkle5.0
sun:jdksun jdkle6
sun:jresun jrele5.0
sun:jresun jrele6

CPE	Name	Operator	Version
sun:jdk	sun jdk	le	5.0
sun:jdk	sun jdk	le	6
sun:jre	sun jre	le	5.0
sun:jre	sun jre	le	6

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133

lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html

lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html

osvdb.org/50504

rhn.redhat.com/errata/RHSA-2008-1018.html

rhn.redhat.com/errata/RHSA-2008-1025.html

secunia.com/advisories/32991

secunia.com/advisories/33015

secunia.com/advisories/33709

secunia.com/advisories/34259

secunia.com/advisories/34972

secunia.com/advisories/35255

secunia.com/advisories/37386

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-246286-1

support.avaya.com/elmodocs2/security/ASA-2008-491.htm

support.avaya.com/elmodocs2/security/ASA-2009-012.htm

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=

www.redhat.com/support/errata/RHSA-2009-0016.html

www.securityfocus.com/archive/1/504010/100/0/threaded

www.securityfocus.com/bid/32608

www.securitytracker.com/id?1021309

www.us-cert.gov/cas/techalerts/TA08-340A.html

www.vupen.com/english/advisories/2008/3339

www.vupen.com/english/advisories/2009/1426

www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/47064

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5843

rhn.redhat.com/errata/RHSA-2009-0466.html

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.1 Medium

AI Score

Confidence

High

0.077 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2008-5349

prion1 ubuntucve1 nvd1 cvelist1 openvas33 nessus28 redhat6 ubuntu1 securityvulns2 fedora2 suse1 seebug1 vmware2 oracle1 gentoo1 ibm1