CVE-2008-1190

Severity

93%

Complexity

86%

Confidentiality

165%

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 16 years ago

2008-03-06 21:44:00

Last updated 5 years ago

2019-07-31 12:40:00

Affected Software

Sun JDK 1.5.0

1.5.0

Sun JDK 5.0 Update1

1.5.0

Sun JDK 5.0 Update10

1.5.0

Sun JDK 5.0 Update11

1.5.0

Sun JDK 5.0 Update12

1.5.0

Sun JDK 5.0 Update 13

1.5.0

Sun JDK 5.0 Update 14

1.5.0

Sun JDK 5.0 Update2

1.5.0

Sun JDK 5.0 Update3

1.5.0

Sun JDK 5.0 Update4

1.5.0

Sun JDK 5.0 Update5

1.5.0

Sun JDK 1.5.0_6

1.5.0

Sun JDK 5.0 Update7

1.5.0

Sun JDK 5.0 Update8

1.5.0

Sun JDK 5.0 Update9

1.5.0

Sun JDK 1.6.0

1.6.0

Sun JDK 1.6.0 Update 3

1.6.0

Sun JDK 1.6.0 Update 4

1.6.0

Sun JRE 1.4.2

1.4.2

Sun JRE 1.4.2_1

1.4.2_1

Sun JRE 1.4.2_2

1.4.2_2

Sun JRE 1.4.2_3

1.4.2_3

Sun JRE 1.4.2_4

1.4.2_4

Sun JRE 1.4.2_5

1.4.2_5

Sun JRE 1.4.2_6

1.4.2_6

Sun JRE 1.4.2_7

1.4.2_7

Sun JRE 1.4.2_8

1.4.2_8

Sun JRE 1.4.2_9

1.4.2_9

Sun JRE 1.4.2_10

1.4.2_10

Sun JRE 1.4.2_11

1.4.2_11

Sun JRE 1.4.2_12

1.4.2_12

Sun JRE 1.4.2_13

1.4.2_13

Sun JRE 1.4.2_14

1.4.2_14

Sun JRE 1.4.2_15

1.4.2_15

Sun JRE 1.4.2_16

1.4.2_16

Sun JRE 1.5.0

1.5.0

Sun JRE 1.5.0_1 (JRE 5.0 Update 1)

1.5.0

Sun JRE 1.5.0_10 (JRE 5.0 Update 10)

1.5.0

Sun JRE 1.5.0_11 (JRE 5.0 Update 11)

1.5.0

Sun JRE 1.5.0_12 (JRE 5.0 Update 12)

1.5.0

Sun JRE 1.5.0_13 (JRE 5.0 Update 13)

1.5.0

Sun JRE 1.5.0_14 (JRE 5.0 Update 14)

1.5.0

Sun JRE 1.5.0_2 (JRE 5.0 Update 2)

1.5.0

Sun JRE 1.5.0_3 (JRE 5.0 Update 3)

1.5.0

Sun JRE 1.5.0_4 (JRE 5.0 Update 4)

1.5.0

Sun JRE 1.5.0_5 (JRE 5.0 Update 5)

1.5.0

Sun JRE 1.5.0_6 (JRE 5.0 Update 6)

1.5.0

Sun JRE 1.5.0_7 (JRE 5.0 Update 7)

1.5.0

Sun JRE 1.5.0_8 (JRE 5.0 Update 8)

1.5.0

Sun JRE 1.5.0_9 (JRE 5.0 Update 9)

1.5.0

Sun JRE 1.6.0

1.6.0

Sun JRE 1.6.0 Update 1

1.6.0

Sun JRE 1.6.0 Update 2

1.6.0

Sun JRE 1.6.0 Update 3

1.6.0

Sun JRE 1.6.0 Update 4

1.6.0

SDK 1.4.2

1.4.2

Sun SDK 1.4.2_1

1.4.2_1

Sun SDK 1.4.2_2

1.4.2_2

Sun SDK 1.4.2_3

1.4.2_3

Sun SDK 1.4.2_4

1.4.2_4

Sun SDK 1.4.2_5

1.4.2_5

Sun SDK 1.4.2_6

1.4.2_6

Sun SDK 1.4.2_7

1.4.2_7

Sun SDK 1.4.2_8

1.4.2_8

Sun SDK 1.4.2_9

1.4.2_9

Sun SDK 1.4.2_10

1.4.2_10

Sun SDK 1.4.2_11

1.4.2_11

Sun SDK 1.4.2_12

1.4.2_12

Sun SDK 1.4.2_13

1.4.2_13

Sun SDK 1.4.2_14

1.4.2_14

Sun SDK 1.4.2_15

1.4.2_15

Sun SDK 1.4.2_16

1.4.2_16

References

APPLE-SA-2008-09-24

Mailing List, Third Party Advisory

SUSE-SA:2008:018

Mailing List, Third Party Advisory

SUSE-SA:2008:025

Mailing List, Third Party Advisory

29239

Third Party Advisory

29273

Third Party Advisory

29498

Third Party Advisory

29582

Third Party Advisory

29858

Third Party Advisory

29897

Third Party Advisory

30676

Third Party Advisory

30780

Third Party Advisory

31497

Third Party Advisory

32018

Third Party Advisory

GLSA-200804-28

Third Party Advisory

233323

Third Party Advisory

http://support.apple.com/kb/HT3178

Third Party Advisory

http://support.apple.com/kb/HT3179

Third Party Advisory

GLSA-200804-20

Third Party Advisory

GLSA-200806-11

Third Party Advisory

RHSA-2008:0186

Third Party Advisory

RHSA-2008:0210

Third Party Advisory

RHSA-2008:0267

Third Party Advisory

1019549

Third Party Advisory, VDB Entry

TA08-066A

Third Party Advisory, US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

Third Party Advisory

ADV-2008-0770

Third Party Advisory

ADV-2008-1856

Third Party Advisory

javawebstart-application-priv-escalation(41029)

Third Party Advisory, VDB Entry

oval:org.mitre.oval:def:9914

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.