CVE-2008-0657

critical

Description

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11505

http://www.vupen.com/english/advisories/2008/1856/references

http://www.vupen.com/english/advisories/2008/1252

http://www.vupen.com/english/advisories/2008/0429

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

http://www.securitytracker.com/id?1019308

http://www.securityfocus.com/bid/27650

http://www.redhat.com/support/errata/RHSA-2008-0210.html

http://www.redhat.com/support/errata/RHSA-2008-0156.html

http://www.redhat.com/support/errata/RHSA-2008-0123.html

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1

http://security.gentoo.org/glsa/glsa-200804-28.xml

http://secunia.com/advisories/31497

http://secunia.com/advisories/30780

http://secunia.com/advisories/30676

http://secunia.com/advisories/29897

http://secunia.com/advisories/29858

http://secunia.com/advisories/29841

http://secunia.com/advisories/29498

http://secunia.com/advisories/29214

http://secunia.com/advisories/28888

http://secunia.com/advisories/28795

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

http://dev2dev.bea.com/pub/advisory/277

Details

Source: Mitre, NVD

Published: 2008-02-07

Updated: 2017-09-29

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical