CVE-2008-5359

CVSS V2 High 9.3 CVSS V3 None
Description
Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the Java AWT library.
Overview
  • CVE ID
  • CVE-2008-5359
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2008-12-05T11:30:00
  • Last Modified Date
  • 2019-10-09T22:56:59
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.3.1_23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.3.1_23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 9.3
  • Severity
  • HIGH
  • Exploitability Score
  • 8.6
  • Impact Score
  • 10
References
Reference URL Reference Tags
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1 Patch Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2008-1025.html Third Party Advisory
http://secunia.com/advisories/33015 Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2008-1018.html Third Party Advisory
http://secunia.com/advisories/32991 Third Party Advisory
http://www.securityfocus.com/bid/32608 Third Party Advisory VDB Entry
http://www.zerodayinitiative.com/advisories/ZDI-08-080/ Third Party Advisory VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html Mailing List Third Party Advisory
http://secunia.com/advisories/33709 Third Party Advisory
http://secunia.com/advisories/33710 Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-340A.html Third Party Advisory US Government Resource
http://secunia.com/advisories/33187 Third Party Advisory
http://secunia.com/advisories/33528 Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0015.html Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-485.htm Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html Mailing List Third Party Advisory
http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm Third Party Advisory
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid= Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0016.html Third Party Advisory
http://secunia.com/advisories/34233 Third Party Advisory
http://www.vupen.com/english/advisories/2009/0672 Third Party Advisory
http://secunia.com/advisories/34259 Third Party Advisory
http://marc.info/?l=bugtraq&m=123678756409861&w=2 Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html Mailing List Third Party Advisory
http://secunia.com/advisories/34605 Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0445.html Third Party Advisory
http://secunia.com/advisories/34889 Third Party Advisory
http://secunia.com/advisories/35065 Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html Mailing List Third Party Advisory
https://rhn.redhat.com/errata/RHSA-2009-0466.html Third Party Advisory
http://secunia.com/advisories/34972 Third Party Advisory
http://security.gentoo.org/glsa/glsa-200911-02.xml Third Party Advisory
http://secunia.com/advisories/37386 Third Party Advisory
http://secunia.com/advisories/38539 Third Party Advisory
http://www.vupen.com/english/advisories/2008/3339 Third Party Advisory
http://marc.info/?l=bugtraq&m=126583436323697&w=2 Mailing List Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/47048 Mailing List Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5841 Third Party Advisory
History
Created Old Value New Value Data Type Notes
2022-05-10 17:15:20 Added to TrackCVE