CVE-2008-1185

Severity

93%

Complexity

86%

Confidentiality

165%

Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue."

Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue."

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 16 years ago

2008-03-06 21:44:00

Last updated 5 years ago

2019-07-31 12:35:00

Affected Software

Sun JDK 1.5.0

1.5.0

Sun JDK 5.0 Update1

1.5.0

Sun JDK 5.0 Update10

1.5.0

Sun JDK 5.0 Update11

1.5.0

Sun JDK 5.0 Update12

1.5.0

Sun JDK 5.0 Update 13

1.5.0

Sun JDK 5.0 Update 14

1.5.0

Sun JDK 5.0 Update2

1.5.0

Sun JDK 5.0 Update3

1.5.0

Sun JDK 5.0 Update4

1.5.0

Sun JDK 5.0 Update5

1.5.0

Sun JDK 1.5.0_6

1.5.0

Sun JDK 5.0 Update7

1.5.0

Sun JDK 5.0 Update8

1.5.0

Sun JDK 5.0 Update9

1.5.0

Sun JDK 1.6.0

1.6.0

Sun JDK 1.6.0 Update 3

1.6.0

Sun JDK 1.6.0 Update 4

1.6.0

Sun JRE 1.4.2

1.4.2

Sun JRE 1.4.2_1

1.4.2_1

Sun JRE 1.4.2_2

1.4.2_2

Sun JRE 1.4.2_3

1.4.2_3

Sun JRE 1.4.2_4

1.4.2_4

Sun JRE 1.4.2_5

1.4.2_5

Sun JRE 1.4.2_6

1.4.2_6

Sun JRE 1.4.2_7

1.4.2_7

Sun JRE 1.4.2_8

1.4.2_8

Sun JRE 1.4.2_9

1.4.2_9

Sun JRE 1.4.2_10

1.4.2_10

Sun JRE 1.4.2_11

1.4.2_11

Sun JRE 1.4.2_12

1.4.2_12

Sun JRE 1.4.2_13

1.4.2_13

Sun JRE 1.4.2_14

1.4.2_14

Sun JRE 1.4.2_15

1.4.2_15

Sun JRE 1.4.2_16

1.4.2_16

Sun JRE 1.5.0

1.5.0

Sun JRE 1.5.0_1 (JRE 5.0 Update 1)

1.5.0

Sun JRE 1.5.0_10 (JRE 5.0 Update 10)

1.5.0

Sun JRE 1.5.0_11 (JRE 5.0 Update 11)

1.5.0

Sun JRE 1.5.0_12 (JRE 5.0 Update 12)

1.5.0

Sun JRE 1.5.0_13 (JRE 5.0 Update 13)

1.5.0

Sun JRE 1.5.0_14 (JRE 5.0 Update 14)

1.5.0

Sun JRE 1.5.0_2 (JRE 5.0 Update 2)

1.5.0

Sun JRE 1.5.0_3 (JRE 5.0 Update 3)

1.5.0

Sun JRE 1.5.0_4 (JRE 5.0 Update 4)

1.5.0

Sun JRE 1.5.0_5 (JRE 5.0 Update 5)

1.5.0

Sun JRE 1.5.0_6 (JRE 5.0 Update 6)

1.5.0

Sun JRE 1.5.0_7 (JRE 5.0 Update 7)

1.5.0

Sun JRE 1.5.0_8 (JRE 5.0 Update 8)

1.5.0

Sun JRE 1.5.0_9 (JRE 5.0 Update 9)

1.5.0

Sun JRE 1.6.0

1.6.0

Sun JRE 1.6.0 Update 1

1.6.0

Sun JRE 1.6.0 Update 2

1.6.0

Sun JRE 1.6.0 Update 3

1.6.0

Sun JRE 1.6.0 Update 4

1.6.0

SDK 1.4.2

1.4.2

Sun SDK 1.4.2_1

1.4.2_1

Sun SDK 1.4.2_2

1.4.2_2

Sun SDK 1.4.2_3

1.4.2_3

Sun SDK 1.4.2_4

1.4.2_4

Sun SDK 1.4.2_5

1.4.2_5

Sun SDK 1.4.2_6

1.4.2_6

Sun SDK 1.4.2_7

1.4.2_7

Sun SDK 1.4.2_8

1.4.2_8

Sun SDK 1.4.2_9

1.4.2_9

Sun SDK 1.4.2_10

1.4.2_10

Sun SDK 1.4.2_11

1.4.2_11

Sun SDK 1.4.2_12

1.4.2_12

Sun SDK 1.4.2_13

1.4.2_13

Sun SDK 1.4.2_14

1.4.2_14

Sun SDK 1.4.2_15

1.4.2_15

Sun SDK 1.4.2_16

1.4.2_16

References

APPLE-SA-2008-09-24

Mailing List, Third Party Advisory

SUSE-SA:2008:018

Mailing List, Third Party Advisory

29239

Third Party Advisory

29273

Third Party Advisory

29582

Third Party Advisory

29858

Third Party Advisory

30676

Third Party Advisory

30780

Third Party Advisory

32018

Third Party Advisory

GLSA-200804-28

Third Party Advisory

1019555

Third Party Advisory, VDB Entry

233321

Patch, Third Party Advisory

http://support.apple.com/kb/HT3178

Third Party Advisory

http://support.apple.com/kb/HT3179

Third Party Advisory

GLSA-200804-20

Third Party Advisory

GLSA-200806-11

Third Party Advisory

RHSA-2008:0186

Third Party Advisory

TA08-066A

Third Party Advisory, US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

Third Party Advisory

ADV-2008-0770

Third Party Advisory

ADV-2008-1856

Third Party Advisory

java-virtualmachine-multiple-priv-escalation(41025)

Third Party Advisory, VDB Entry

sun-jre-unspecified-priv-escalation(41138)

Third Party Advisory, VDB Entry

oval:org.mitre.oval:def:9672

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.