CVE Vulnerabilities

CVE-2008-5353

Published: Dec 05, 2008 | Modified: Oct 11, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by deserializing Calendar objects.

Affected Software

Name Vendor Start Version End Version
Jdk Sun 5.0 5.0
Jre Sun 6 6
Jre Sun 1.4.2_7 1.4.2_7
Jdk Sun 5.0 5.0
Jdk Sun * 5.0
Jre Sun 1.4.2_16 1.4.2_16
Jdk Sun 5.0 5.0
Jre Sun 5.0 5.0
Jre Sun 5.0 5.0
Jdk Sun 5.0 5.0
Jre Sun 1.4.2_4 1.4.2_4
Sdk Sun 1.4.2_10 1.4.2_10
Sdk Sun 1.4.2_12 1.4.2_12
Jre Sun 1.4.2_2 1.4.2_2
Jdk Sun 6 6
Jdk Sun 6 6
Jdk Sun 5.0 5.0
Jre Sun 5.0 5.0
Jre Sun 6 6
Jre Sun 6 6
Jre Sun 5.0 5.0
Sdk Sun 1.4.2_17 1.4.2_17
Sdk Sun 1.4.2_14 1.4.2_14
Jdk Sun 5.0 5.0
Jre Sun 1.4.2_15 1.4.2_15
Jdk Sun 6 6
Jdk Sun 6 6
Jdk Sun 6 6
Jre Sun 1.4.2_13 1.4.2_13
Jre Sun 1.4.2_1 1.4.2_1
Jdk Sun 6 6
Sdk Sun 1.4.2_13 1.4.2_13
Jre Sun 1.4.2_8 1.4.2_8
Jdk Sun 5.0 5.0
Sdk Sun 1.4.2_6 1.4.2_6
Jre Sun 6 6
Jre Sun 5.0 5.0
Jre Sun 6 6
Jdk Sun 6 6
Sdk Sun * 1.4.2_18
Jre Sun * 1.4.2_18
Sdk Sun 1.4.2_2 1.4.2_2
Sdk Sun 1.4.2_5 1.4.2_5
Jre Sun 5.0 5.0
Jre Sun 1.4.2_12 1.4.2_12
Sdk Sun 1.4.2_1 1.4.2_1
Jre Sun 5.0 5.0
Jre Sun * 6
Jdk Sun * 6
Jre Sun 5.0 5.0
Jdk Sun 5.0 5.0
Jre Sun 5.0 5.0
Sdk Sun 1.4.2_4 1.4.2_4
Jre Sun 1.4.2_14 1.4.2_14
Jre Sun 6 6
Jdk Sun 5.0 5.0
Jdk Sun 6 6
Jre Sun 5.0 5.0
Jre Sun 1.4.2_10 1.4.2_10
Jre Sun * 5.0
Jre Sun 1.4.2_17 1.4.2_17
Jdk Sun 6 6
Sdk Sun 1.4.2_7 1.4.2_7
Jre Sun 6 6
Jre Sun 6 6
Sdk Sun 1.4.2_8 1.4.2_8
Jdk Sun 5.0 5.0
Jre Sun 5.0 5.0
Jre Sun 1.4.2_9 1.4.2_9
Sdk Sun 1.4.2_16 1.4.2_16
Sdk Sun 1.4.2_11 1.4.2_11
Jre Sun 5.0 5.0
Jre Sun 5.0 5.0
Jre Sun 1.4.2_11 1.4.2_11
Sdk Sun 1.4.2_9 1.4.2_9
Jre Sun 6 6
Jdk Sun 6 6
Jdk Sun 5.0 5.0
Sdk Sun 1.4.2_3 1.4.2_3
Jre Sun 1.4.2_3 1.4.2_3
Jre Sun 1.4.2_5 1.4.2_5
Jdk Sun 5.0 5.0
Jre Sun 5.0 5.0
Sdk Sun 1.4.2_15 1.4.2_15
Jdk Sun 5.0 5.0
Jdk Sun 5.0 5.0
Jre Sun 6 6
Jre Sun 5.0 5.0
Jre Sun 1.4.2_6 1.4.2_6
Jre Sun 5.0 5.0
Jdk Sun 5.0 5.0

References