Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2008-5353
HistoryDec 05, 2008 - 11:00 a.m.

CVE-2008-5353

2008-12-0511:00:00
mitre
www.cve.org
5

AI Score

7.5

Confidence

High

EPSS

0.971

Percentile

99.8%

JSON

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by “deserializing Calendar objects”.

References

Related

cve 1
canvas 2
packetstorm 2
seebug 7
exploitpack 2
ubuntucve 1
metasploit 1
prion 1
threatpost 3
symantec 1
nvd 1
exploitdb 4
checkpoint_advisories 1
openvas 41
ubuntu 1
nessus 32
securityvulns 2
redhat 6
fedora 2
suse 3
vmware 2
oracle 1
gentoo 1
cve
cve
CVE-2008-5353
2008-12-05 11:30:00
canvas
canvas
Immunity Canvas: JAVA_DESERIALIZE
2008-12-05 06:30:00
Immunity Canvas: JAVA_DESERIALIZE_WIN32
2008-12-05 11:30:00
packetstorm
packetstorm
Sun Java Calendar Deserialization
2009-10-27 00:00:00
Signed Applet Social Engineering Code Exec
2010-02-05 00:00:00
seebug
seebug
Mac OS X - Java applet Remote Deserialization Remote PoC (updated)
2014-07-01 00:00:00
Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserialization Exploit
2008-12-03 00:00:00
Sun Java Calendar Deserialization Exploit
2014-07-01 00:00:00
exploitpack
exploitpack
Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization (Metasploit)
2008-12-03 00:00:00
Apple Mac OSX - Java applet Remote Deserialization Remote (2)
2009-05-20 00:00:00
ubuntucve
ubuntucve
CVE-2008-5353
2008-12-05 00:00:00
metasploit
metasploit
Sun Java Calendar Deserialization Privilege Escalation
2009-12-15 20:37:15
prion
prion
Deserialization of untrusted data
2008-12-05 11:30:00
threatpost
threatpost
Chorus Grows Louder to Disable Java 7 After Exploit Hits Mainstream
2012-08-30 02:03:14
Serious Mac OS X Java vulnerability disclosed
2009-05-20 17:37:46
Java Still a Favorite Target of Attackers
2011-11-30 19:39:18
symantec
symantec
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
2008-12-03 00:00:00
nvd
nvd
CVE-2008-5353
2008-12-05 11:30:00
exploitdb
exploitdb
Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization (Metasploit)
2008-12-03 00:00:00
Sun Java - Calendar Deserialization (Metasploit)
2010-09-20 00:00:00
Signed Applet Social Engineering - Code Execution (Metasploit)
2011-01-08 00:00:00
checkpoint_advisories
checkpoint_advisories
Java Signed Applet (CVE-2008-5353; CVE-2010-0094; CVE-2010-0840)
2011-11-01 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-713-1)
2009-02-02 00:00:00
Ubuntu USN-713-1 (openjdk-6)
2009-02-02 00:00:00
RedHat Security Advisory RHSA-2009:0015
2009-01-20 00:00:00
ubuntu
ubuntu
openjdk-6 vulnerabilities
2009-01-27 00:00:00
nessus
nessus
Ubuntu 8.10 : OpenJDK vulnerabilities (USN-713-1)
2009-04-23 00:00:00
RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2009:0015)
2009-08-24 00:00:00
Fedora 10 : java-1.6.0-openjdk-1.6.0.0-7.b12.fc10 (2008-10913)
2009-04-23 00:00:00
securityvulns
securityvulns
[USN-713-1] openjdk-6 vulnerabilities
2009-01-31 00:00:00
Sun Java JRE / JDK / Web Start multiple security vulnerabilities
2009-04-23 00:00:00
redhat
redhat
(RHSA-2009:0015) Critical: java-1.6.0-ibm security update
2009-01-13 00:00:00
(RHSA-2009:0466) Low: java-1.5.0-ibm security update
2009-05-07 00:00:00
(RHSA-2009:0445) Critical: java-1.4.2-ibm security update
2009-04-23 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-7.b12.fc10
2008-12-07 04:33:22
[SECURITY] Fedora 9 Update: java-1.6.0-openjdk-1.6.0.0-0.20.b09.fc9
2008-12-07 04:27:51
suse
suse
local privilege escalation in IBMJava5-JRE,java-1_5_0-ibm
2009-01-29 14:08:00
remote code execution in IBM Java 1.4.2 and 6
2009-04-07 14:51:07
remote code execution in Sun Java
2009-01-09 15:49:38
vmware
vmware
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
oracle
oracle
cpuapr2009.html
2009-04-14 00:00:00
gentoo
gentoo
Sun JDK/JRE: Multiple vulnerabilities
2009-11-17 00:00:00

AI Score

7.5

Confidence

High

EPSS

0.971

Percentile

99.8%

JSON
Related for CVELIST:CVE-2008-5353
cve1canvas2packetstorm2seebug7exploitpack2ubuntucve1metasploit1prion1threatpost3symantec1nvd1exploitdb4checkpoint_advisories1openvas41ubuntu1nessus32securityvulns2redhat6fedora2suse3vmware2oracle1gentoo1