[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247974

 
 

909

 
 

194654

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-5347Date: (C)2008-12-05   (M)2023-12-22


Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SUNALERT-1019798
SECTRACK-1021307
SUNALERT-246366
BID-32608
SECUNIA-32991
SECUNIA-33015
SECUNIA-33528
SECUNIA-33709
SECUNIA-34233
SECUNIA-34259
SECUNIA-37386
SECUNIA-38539
OSVDB-50506
ADV-2008-3339
ADV-2009-0672
GLSA-200911-02
RHSA-2008:1018
RHSA-2009:0015
SSRT080111
SSRT090049
SUSE-SR:2009:006
TA08-340A
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=
http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf
jre-jaxws-jaxb-privilege-escalation(47068)
oval:org.mitre.oval:def:5633

CWE    1
CWE-264
OVAL    3
oval:org.secpod.oval:def:400075
oval:org.secpod.oval:def:700363
oval:org.secpod.oval:def:19782

© SecPod Technologies