CVE-2008-1187

Severity

68%

Complexity

86%

Confidentiality

106%

Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.

Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 16 years ago

2008-03-06 21:44:00

Last updated 7 years ago

2017-09-29 01:30:00

Affected Software

Sun JRE 1.4.2_1

1.4.2_1

Sun JRE 1.4.2_10

1.4.2_10

Sun JRE 1.4.2_11

1.4.2_11

Sun JRE 1.4.2_12

1.4.2_12

Sun JRE 1.4.2_13

1.4.2_13

Sun JRE

SDK 1.4.2

1.4.2

Sun SDK 1.4.2_1

1.4.2_1

SDK 1.4.2_02

1.4.2_02

SDK 1.4.2_03

1.4.2_03

SDK 1.4.2_04

1.4.2_04

Sun SDK 1.4.2_08

1.4.2_08

Sun SDK 1.4.2_09

1.4.2_09

Sun SDK 1.4.2_10

1.4.2_10

Sun SDK 1.4.2_11

1.4.2_11

Sun SDK 1.4.2_12

1.4.2_12

Sun SDK 1.4.2_13

1.4.2_13

Sun SDK 1.4.2_14

1.4.2_14

Sun SDK 1.4.2_15

1.4.2_15

Sun SDK

References

BEA08-201.00

http://download.novell.com/Download?buildid=q5exhSqeBjA~

Patch

JVN#04032535

JVNDB-2008-000016

APPLE-SA-2008-09-24

SUSE-SA:2008:018

SUSE-SA:2008:025

29239

Vendor Advisory

29273

Vendor Advisory

29498

Vendor Advisory

29582

Vendor Advisory

29841

Vendor Advisory

29858

Vendor Advisory

29897

Vendor Advisory

29999

Vendor Advisory

30003

Vendor Advisory

30676

Vendor Advisory

30780

Vendor Advisory

31067

Vendor Advisory

31497

Vendor Advisory

31580

Vendor Advisory

31586

Vendor Advisory

32018

Vendor Advisory

GLSA-200804-28

233322

Patch, Vendor Advisory

http://support.apple.com/kb/HT3178

http://support.apple.com/kb/HT3179

http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033642.html

GLSA-200804-20

GLSA-200806-11

RHSA-2008:0186

RHSA-2008:0210

RHSA-2008:0243

RHSA-2008:0244

RHSA-2008:0245

RHSA-2008:0267

RHSA-2008:0555

1019548

TA08-066A

US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

Patch

ADV-2008-0770

Vendor Advisory

ADV-2008-1252

Vendor Advisory

ADV-2008-1856

Vendor Advisory

java-virtualmachine-multiple-priv-escalation(41025)

oval:org.mitre.oval:def:10278

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.