CVE-2008-1193

Severity

93%

Complexity

86%

Confidentiality

165%

Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.

Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Sun

First reported 16 years ago

2008-03-06 21:44:00

Last updated 5 years ago

2019-07-31 12:41:00

Affected Software

Sun JDK 1.5.0

1.5.0

Sun JDK 5.0 Update1

1.5.0

Sun JDK 5.0 Update10

1.5.0

Sun JDK 5.0 Update11

1.5.0

Sun JDK 5.0 Update12

1.5.0

Sun JDK 5.0 Update 13

1.5.0

Sun JDK 5.0 Update 14

1.5.0

Sun JDK 5.0 Update2

1.5.0

Sun JDK 5.0 Update3

1.5.0

Sun JDK 5.0 Update4

1.5.0

Sun JDK 5.0 Update5

1.5.0

Sun JDK 1.5.0_6

1.5.0

Sun JDK 5.0 Update7

1.5.0

Sun JDK 5.0 Update8

1.5.0

Sun JDK 5.0 Update9

1.5.0

Sun JDK 1.6.0

1.6.0

Sun JDK 1.6.0 Update 3

1.6.0

Sun JDK 1.6.0 Update 4

1.6.0

Sun JRE 1.5.0

1.5.0

Sun JRE 1.5.0_1 (JRE 5.0 Update 1)

1.5.0

Sun JRE 1.5.0_10 (JRE 5.0 Update 10)

1.5.0

Sun JRE 1.5.0_11 (JRE 5.0 Update 11)

1.5.0

Sun JRE 1.5.0_12 (JRE 5.0 Update 12)

1.5.0

Sun JRE 1.5.0_13 (JRE 5.0 Update 13)

1.5.0

Sun JRE 1.5.0_14 (JRE 5.0 Update 14)

1.5.0

Sun JRE 1.5.0_2 (JRE 5.0 Update 2)

1.5.0

Sun JRE 1.5.0_3 (JRE 5.0 Update 3)

1.5.0

Sun JRE 1.5.0_4 (JRE 5.0 Update 4)

1.5.0

Sun JRE 1.5.0_5 (JRE 5.0 Update 5)

1.5.0

Sun JRE 1.5.0_6 (JRE 5.0 Update 6)

1.5.0

Sun JRE 1.5.0_7 (JRE 5.0 Update 7)

1.5.0

Sun JRE 1.5.0_8 (JRE 5.0 Update 8)

1.5.0

Sun JRE 1.5.0_9 (JRE 5.0 Update 9)

1.5.0

Sun JRE 1.6.0

1.6.0

Sun JRE 1.6.0 Update 1

1.6.0

Sun JRE 1.6.0 Update 2

1.6.0

Sun JRE 1.6.0 Update 3

1.6.0

Sun JRE 1.6.0 Update 4

1.6.0

References

BEA08-201.00

Third Party Advisory

APPLE-SA-2008-09-24

Mailing List, Third Party Advisory

SUSE-SA:2008:018

Mailing List, Third Party Advisory

SUSE-SA:2008:025

Mailing List, Third Party Advisory

29239

Third Party Advisory

29273

Third Party Advisory

29498

Third Party Advisory

29582

Third Party Advisory

29841

Third Party Advisory

29858

Third Party Advisory

29897

Third Party Advisory

30003

Third Party Advisory

30676

Third Party Advisory

30780

Third Party Advisory

31497

Third Party Advisory

32018

Third Party Advisory

GLSA-200804-28

Third Party Advisory

233325

Patch, Third Party Advisory

http://support.apple.com/kb/HT3178

Third Party Advisory

http://support.apple.com/kb/HT3179

Third Party Advisory

GLSA-200804-20

Third Party Advisory

GLSA-200806-11

Third Party Advisory

RHSA-2008:0186

Third Party Advisory

RHSA-2008:0210

Third Party Advisory

RHSA-2008:0244

Third Party Advisory

RHSA-2008:0245

Third Party Advisory

RHSA-2008:0267

Third Party Advisory

28125

Third Party Advisory, VDB Entry

1019551

Third Party Advisory, VDB Entry

TA08-066A

Third Party Advisory, US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

Third Party Advisory

ADV-2008-0770

Third Party Advisory

ADV-2008-1252

Third Party Advisory

ADV-2008-1856

Third Party Advisory

sun-jre-imagelibrary-privilege-escalation(41028)

Third Party Advisory, VDB Entry

oval:org.mitre.oval:def:11409

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.