Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2008-1186 (GCVE-0-2008-1186)
Vulnerability from cvelistv5 – Published: 2008-03-06 21:00 – Updated: 2024-08-07 08:08
VLAI?
EPSS
Summary
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "1019555",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019555"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "java-virtualmachine-multiple-priv-escalation(41025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "oval:org.mitre.oval:def:9585",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "233321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "sun-jre-unspecified-priv-escalation(41138)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41138"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2008-09-24",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "1019555",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019555"
},
{
"name": "SUSE-SA:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "32018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "java-virtualmachine-multiple-priv-escalation(41025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"name": "GLSA-200804-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "oval:org.mitre.oval:def:9585",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585"
},
{
"name": "29239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "30780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "233321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1"
},
{
"name": "ADV-2008-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "sun-jre-unspecified-priv-escalation(41138)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41138"
},
{
"name": "RHSA-2008:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "1019555",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019555"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "java-virtualmachine-multiple-priv-escalation(41025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "oval:org.mitre.oval:def:9585",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "233321",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "sun-jre-unspecified-priv-escalation(41138)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41138"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1186",
"datePublished": "2008-03-06T21:00:00",
"dateReserved": "2008-03-06T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE8E883F-E13D-4FB0-8C6F-B7628600E8D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AADA633-EB11-49A0-8E40-66589034F03E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*\", \"matchCriteriaId\": \"19DC29C5-1B9F-46DF-ACF6-3FF93E45777D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*\", \"matchCriteriaId\": \"B120F7D9-7C1E-4716-B2FA-2990D449F754\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD61E49F-2A46-4107-BB3F-527079983306\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"28BE548B-DD0C-4C58-98CA-5B803F04F9EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F8E9AA0-8907-4B1A-86A1-08568195217D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A337AD31-4566-4A4E-AFF3-7EAECD5C90F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*\", \"matchCriteriaId\": \"0754AFDC-2F1C-4C06-AB46-457B5E610029\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*\", \"matchCriteriaId\": \"532CF9DD-0EBB-4B3B-BB9C-A8D78947A790\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5DA4242-30D9-44C8-9D0D-877348FFA22B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*\", \"matchCriteriaId\": \"C61C6043-99D0-4F36-AF84-1A5F90B895EE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63978872-E797-4F13-B0F9-98CB67D0962A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1EEAB662-644A-4D7B-8237-64142CF48724\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9598A49-95F2-42DB-B92C-CD026F739B83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BED1009E-AE60-43A0-A0F5-38526EFCF423\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D011585C-0E62-4233-85FA-F29A07D68DA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F226D898-F0E8-41D8-BF40-54DE9FB5426D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE28C283-447A-4F83-B96B-69F96E663C1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D102063B-2434-4141-98E7-2DE501AE1728\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03B8CD03-CD31-4F4D-BA90-59435578A4F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41A994BF-1F64-480A-8AA5-748DDD0AB68C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88519F2D-AD06-4F05-BEDA-A09216F1B481\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC728978-368D-4B36-B149-70473E92BD1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD5187B1-CB86-48E8-A595-9FCFD9822C0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C660DE4-543A-4E9B-825D-CD099D08CBD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"318719C9-7B01-4021-B2EF-8341254DFE6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7FC09E8-7F30-4FE4-912E-588AA250E2A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*\", \"matchCriteriaId\": \"A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*\", \"matchCriteriaId\": \"9919D091-73D7-465A-80FF-F37D6CAF9F46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*\", \"matchCriteriaId\": \"02565D6F-4CB2-4671-A4EF-3169BCFA6154\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*\", \"matchCriteriaId\": \"452A3E51-9EAC-451D-BA04-A1E7B7D917EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EA5B9E9-654D-44F7-AE98-3D8B382804AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*\", \"matchCriteriaId\": \"44051CFE-D15D-4416-A123-F3E49C67A9E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*\", \"matchCriteriaId\": \"F296ACF3-1373-429D-B991-8B5BA704A7EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*\", \"matchCriteriaId\": \"B863420B-DE16-416A-9640-1A1340A9B855\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*\", \"matchCriteriaId\": \"724C972F-74FE-4044-BBC4-7E0E61FC9002\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*\", \"matchCriteriaId\": \"46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBE909DE-E55A-4BD3-A5BF-ADE407432193\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DAC04D2-68FD-4793-A8E7-4690A543D7D4\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"002CA86D-3090-4C7A-947A-21CB5D1ADD98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F6453C9-7EE0-4FFB-861D-C2D9416DCABA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89BF16DE-EEAB-4DA5-BFF1-7A0A58DE141F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A56D9A60-F272-4D4C-A9DD-C93DAF783585\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"976F4ACB-3725-45B7-B2EF-DEE4B88254E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A1F28FF-652A-4C89-9AC6-5E212F890811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96A8C351-E9CD-431B-8B9D-712CA54C7213\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36888382-79C8-4C97-A654-C668CD68556F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F34C99E6-F9F0-4EF3-8601-B47EAE3D7273\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A74DD08D-CEDB-460E-BED5-78F6CAF18BF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4F64FBC-DC97-4FE3-A235-18B87945AF7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85048406-9051-4E69-94A8-5C449F3B89E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1C88DD7-0B46-4405-BD35-60D27E2DBA14\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \\\"the second issue.\\\"\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad no especificada en la M\\u00e1quina Virtual para Sun Java Runtime Environment (JRE) y JDK versi\\u00f3n 5.0 Update 13 y anteriores, y SDK/JRE versi\\u00f3n 1.4.2_16 y anteriores, permite a atacantes remotos alcanzar privilegios por medio de una aplicaci\\u00f3n o applet no confiable, un problema diferente de CVE-2008-1185, tambi\\u00e9n se conoce como \\\"the second issue.\\\"\"}]",
"id": "CVE-2008-1186",
"lastModified": "2024-11-21T00:43:53.030",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2008-03-06T21:44:00.000",
"references": "[{\"url\": \"http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29239\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29273\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29582\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29858\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30676\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30780\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32018\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200804-28.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1019555\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT3178\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT3179\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0186.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-066A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2008-0010.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0770/references\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1856/references\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41025\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41138\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29239\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29273\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29582\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29858\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30676\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30780\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32018\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200804-28.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1019555\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT3178\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT3179\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0186.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-066A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2008-0010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0770/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1856/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41025\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41138\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2008-1186\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-03-06T21:44:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \\\"the second issue.\\\"\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad no especificada en la M\u00e1quina Virtual para Sun Java Runtime Environment (JRE) y JDK versi\u00f3n 5.0 Update 13 y anteriores, y SDK/JRE versi\u00f3n 1.4.2_16 y anteriores, permite a atacantes remotos alcanzar privilegios por medio de una aplicaci\u00f3n o applet no confiable, un problema diferente de CVE-2008-1185, tambi\u00e9n se conoce como \\\"the second issue.\\\"\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8E883F-E13D-4FB0-8C6F-B7628600E8D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AADA633-EB11-49A0-8E40-66589034F03E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DC29C5-1B9F-46DF-ACF6-3FF93E45777D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B120F7D9-7C1E-4716-B2FA-2990D449F754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD61E49F-2A46-4107-BB3F-527079983306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"28BE548B-DD0C-4C58-98CA-5B803F04F9EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F8E9AA0-8907-4B1A-86A1-08568195217D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A337AD31-4566-4A4E-AFF3-7EAECD5C90F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0754AFDC-2F1C-4C06-AB46-457B5E610029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"532CF9DD-0EBB-4B3B-BB9C-A8D78947A790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5DA4242-30D9-44C8-9D0D-877348FFA22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"C61C6043-99D0-4F36-AF84-1A5F90B895EE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63978872-E797-4F13-B0F9-98CB67D0962A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EEAB662-644A-4D7B-8237-64142CF48724\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9598A49-95F2-42DB-B92C-CD026F739B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BED1009E-AE60-43A0-A0F5-38526EFCF423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D011585C-0E62-4233-85FA-F29A07D68DA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F226D898-F0E8-41D8-BF40-54DE9FB5426D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE28C283-447A-4F83-B96B-69F96E663C1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D102063B-2434-4141-98E7-2DE501AE1728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B8CD03-CD31-4F4D-BA90-59435578A4F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41A994BF-1F64-480A-8AA5-748DDD0AB68C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88519F2D-AD06-4F05-BEDA-A09216F1B481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC728978-368D-4B36-B149-70473E92BD1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD5187B1-CB86-48E8-A595-9FCFD9822C0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C660DE4-543A-4E9B-825D-CD099D08CBD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"318719C9-7B01-4021-B2EF-8341254DFE6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7FC09E8-7F30-4FE4-912E-588AA250E2A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"9919D091-73D7-465A-80FF-F37D6CAF9F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*\",\"matchCriteriaId\":\"02565D6F-4CB2-4671-A4EF-3169BCFA6154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"452A3E51-9EAC-451D-BA04-A1E7B7D917EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EA5B9E9-654D-44F7-AE98-3D8B382804AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"44051CFE-D15D-4416-A123-F3E49C67A9E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F296ACF3-1373-429D-B991-8B5BA704A7EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B863420B-DE16-416A-9640-1A1340A9B855\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"724C972F-74FE-4044-BBC4-7E0E61FC9002\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBE909DE-E55A-4BD3-A5BF-ADE407432193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DAC04D2-68FD-4793-A8E7-4690A543D7D4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"002CA86D-3090-4C7A-947A-21CB5D1ADD98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F6453C9-7EE0-4FFB-861D-C2D9416DCABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89BF16DE-EEAB-4DA5-BFF1-7A0A58DE141F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A56D9A60-F272-4D4C-A9DD-C93DAF783585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"976F4ACB-3725-45B7-B2EF-DEE4B88254E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A1F28FF-652A-4C89-9AC6-5E212F890811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96A8C351-E9CD-431B-8B9D-712CA54C7213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36888382-79C8-4C97-A654-C668CD68556F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F34C99E6-F9F0-4EF3-8601-B47EAE3D7273\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74DD08D-CEDB-460E-BED5-78F6CAF18BF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4F64FBC-DC97-4FE3-A235-18B87945AF7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85048406-9051-4E69-94A8-5C449F3B89E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1C88DD7-0B46-4405-BD35-60D27E2DBA14\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29239\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29273\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29582\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29858\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30676\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30780\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/32018\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200804-28.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1019555\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT3178\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT3179\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0186.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-066A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0010.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0770/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1856/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41025\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41138\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29239\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29273\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29582\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30780\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/32018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200804-28.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1019555\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT3178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT3179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0186.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-066A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0770/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1856/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41025\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTA-2008-AVI-476
Vulnerability from certfr_avis - Published: - Updated:
De nombreuses vulnérabilités affectant le moteur Java pour Mac OS X peuvent être exploitées afin de provoquer un déni de service, d'exécuter du code arbitraire, de contourner la politique de sécurité et d'accéder à des données sensibles sur un système vulnérable.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Java pour Mac OS X 10.5.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Java pour Mac OS X 10.4 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-1190",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1190"
},
{
"name": "CVE-2008-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1188"
},
{
"name": "CVE-2008-1193",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1193"
},
{
"name": "CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"name": "CVE-2008-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1189"
},
{
"name": "CVE-2008-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3115"
},
{
"name": "CVE-2008-1191",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1191"
},
{
"name": "CVE-2008-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3638"
},
{
"name": "CVE-2008-3637",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3637"
},
{
"name": "CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"name": "CVE-2008-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3108"
},
{
"name": "CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"name": "CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"name": "CVE-2008-3150",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3150"
},
{
"name": "CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"name": "CVE-2008-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3110"
},
{
"name": "CVE-2008-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1195"
},
{
"name": "CVE-2008-1187",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1187"
},
{
"name": "CVE-2008-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3109"
},
{
"name": "CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"name": "CVE-2008-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1192"
},
{
"name": "CVE-2008-1185",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1185"
},
{
"name": "CVE-2008-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1196"
},
{
"name": "CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"name": "CVE-2008-1186",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1186"
},
{
"name": "CVE-2008-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1194"
},
{
"name": "CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"name": "CVE-2008-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3105"
}
],
"links": [
{
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008 :",
"url": "http://support.apple.com/kb/HT3179"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008 :",
"url": "http://support.apple.com/kb/HT3178"
}
],
"reference": "CERTA-2008-AVI-476",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-09-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De nombreuses vuln\u00e9rabilit\u00e9s affectant le moteur Java pour Mac OS X\npeuvent \u00eatre exploit\u00e9es afin de provoquer un d\u00e9ni de service, d\u0027ex\u00e9cuter\ndu code arbitraire, de contourner la politique de s\u00e9curit\u00e9 et d\u0027acc\u00e9der\n\u00e0 des donn\u00e9es sensibles sur un syst\u00e8me vuln\u00e9rable.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X Java",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008",
"url": null
}
]
}
CERTA-2008-AVI-476
Vulnerability from certfr_avis - Published: - Updated:
De nombreuses vulnérabilités affectant le moteur Java pour Mac OS X peuvent être exploitées afin de provoquer un déni de service, d'exécuter du code arbitraire, de contourner la politique de sécurité et d'accéder à des données sensibles sur un système vulnérable.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Java pour Mac OS X 10.5.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Java pour Mac OS X 10.4 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-1190",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1190"
},
{
"name": "CVE-2008-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1188"
},
{
"name": "CVE-2008-1193",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1193"
},
{
"name": "CVE-2008-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3114"
},
{
"name": "CVE-2008-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1189"
},
{
"name": "CVE-2008-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3115"
},
{
"name": "CVE-2008-1191",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1191"
},
{
"name": "CVE-2008-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3638"
},
{
"name": "CVE-2008-3637",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3637"
},
{
"name": "CVE-2008-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3106"
},
{
"name": "CVE-2008-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3108"
},
{
"name": "CVE-2008-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3111"
},
{
"name": "CVE-2008-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3113"
},
{
"name": "CVE-2008-3150",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3150"
},
{
"name": "CVE-2008-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3104"
},
{
"name": "CVE-2008-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3110"
},
{
"name": "CVE-2008-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1195"
},
{
"name": "CVE-2008-1187",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1187"
},
{
"name": "CVE-2008-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3109"
},
{
"name": "CVE-2008-3103",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3103"
},
{
"name": "CVE-2008-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1192"
},
{
"name": "CVE-2008-1185",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1185"
},
{
"name": "CVE-2008-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1196"
},
{
"name": "CVE-2008-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3112"
},
{
"name": "CVE-2008-1186",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1186"
},
{
"name": "CVE-2008-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1194"
},
{
"name": "CVE-2008-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3107"
},
{
"name": "CVE-2008-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3105"
}
],
"links": [
{
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008 :",
"url": "http://support.apple.com/kb/HT3179"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008 :",
"url": "http://support.apple.com/kb/HT3178"
}
],
"reference": "CERTA-2008-AVI-476",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-09-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De nombreuses vuln\u00e9rabilit\u00e9s affectant le moteur Java pour Mac OS X\npeuvent \u00eatre exploit\u00e9es afin de provoquer un d\u00e9ni de service, d\u0027ex\u00e9cuter\ndu code arbitraire, de contourner la politique de s\u00e9curit\u00e9 et d\u0027acc\u00e9der\n\u00e0 des donn\u00e9es sensibles sur un syst\u00e8me vuln\u00e9rable.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X Java",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Apple HT3178 et HT3179 du 24 septembre 2008",
"url": null
}
]
}
CERTA-2008-AVI-118
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités dans les produits Java précédemment cités permettent à un utilisateur malveillant de contourner, sous diverses formes, la politique de sécurité.
Description
Douze vulnérabilités ont été identifiées dans les produits Java listés ci-dessus. Ces vulnérabilités permettent à un utilisateur malveillant :
- d'exécuter du code arbitraire, localement ou à distance ;
- de provoquer un déni de service à distance ;
- de contourner la politique de sécurité ;
- de porter atteinte à l'intégrité ou à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sun Java JDK 1.5.x et 1.6.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Java Web Start 1.x et 6.x ;",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Sun Java SDK 1.3.1_21 et pr\u00e9c\u00e9dents, 1.4.2_16 et pr\u00e9c\u00e9dents.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Sun Java JRE 1.4.x, 1.5.x et 1.6.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDouze vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les produits Java list\u00e9s\nci-dessus. Ces vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malveillant :\n\n- d\u0027ex\u00e9cuter du code arbitraire, localement ou \u00e0 distance ;\n- de provoquer un d\u00e9ni de service \u00e0 distance ;\n- de contourner la politique de s\u00e9curit\u00e9 ;\n- de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 ou \u00e0 la confidentialit\u00e9 des\n donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-1190",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1190"
},
{
"name": "CVE-2008-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1188"
},
{
"name": "CVE-2008-1193",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1193"
},
{
"name": "CVE-2008-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1189"
},
{
"name": "CVE-2008-1191",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1191"
},
{
"name": "CVE-2008-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1195"
},
{
"name": "CVE-2008-1187",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1187"
},
{
"name": "CVE-2008-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1192"
},
{
"name": "CVE-2008-1185",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1185"
},
{
"name": "CVE-2008-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1196"
},
{
"name": "CVE-2008-1186",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1186"
},
{
"name": "CVE-2008-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1194"
}
],
"links": [
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1"
},
{
"title": "Alerte de s\u00e9curit\u00e9 de l\u0027US-CERT TA08-066A du 06 mars 2008 :",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1"
}
],
"reference": "CERTA-2008-AVI-118",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-03-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans les produits Java pr\u00e9c\u00e9demment cit\u00e9s\npermettent \u00e0 un utilisateur malveillant de contourner, sous diverses\nformes, la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9s de Java",
"vendor_advisories": [
{
"published_at": null,
"title": "Alerte TA08-066A de l\u0027US-CERT",
"url": null
}
]
}
CERTA-2008-AVI-118
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités dans les produits Java précédemment cités permettent à un utilisateur malveillant de contourner, sous diverses formes, la politique de sécurité.
Description
Douze vulnérabilités ont été identifiées dans les produits Java listés ci-dessus. Ces vulnérabilités permettent à un utilisateur malveillant :
- d'exécuter du code arbitraire, localement ou à distance ;
- de provoquer un déni de service à distance ;
- de contourner la politique de sécurité ;
- de porter atteinte à l'intégrité ou à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sun Java JDK 1.5.x et 1.6.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Java Web Start 1.x et 6.x ;",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Sun Java SDK 1.3.1_21 et pr\u00e9c\u00e9dents, 1.4.2_16 et pr\u00e9c\u00e9dents.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Sun Java JRE 1.4.x, 1.5.x et 1.6.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Centreon",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDouze vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les produits Java list\u00e9s\nci-dessus. Ces vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malveillant :\n\n- d\u0027ex\u00e9cuter du code arbitraire, localement ou \u00e0 distance ;\n- de provoquer un d\u00e9ni de service \u00e0 distance ;\n- de contourner la politique de s\u00e9curit\u00e9 ;\n- de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 ou \u00e0 la confidentialit\u00e9 des\n donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-1190",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1190"
},
{
"name": "CVE-2008-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1188"
},
{
"name": "CVE-2008-1193",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1193"
},
{
"name": "CVE-2008-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1189"
},
{
"name": "CVE-2008-1191",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1191"
},
{
"name": "CVE-2008-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1195"
},
{
"name": "CVE-2008-1187",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1187"
},
{
"name": "CVE-2008-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1192"
},
{
"name": "CVE-2008-1185",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1185"
},
{
"name": "CVE-2008-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1196"
},
{
"name": "CVE-2008-1186",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1186"
},
{
"name": "CVE-2008-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1194"
}
],
"links": [
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1"
},
{
"title": "Alerte de s\u00e9curit\u00e9 de l\u0027US-CERT TA08-066A du 06 mars 2008 :",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Sun du 04 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1"
}
],
"reference": "CERTA-2008-AVI-118",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-03-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans les produits Java pr\u00e9c\u00e9demment cit\u00e9s\npermettent \u00e0 un utilisateur malveillant de contourner, sous diverses\nformes, la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9s de Java",
"vendor_advisories": [
{
"published_at": null,
"title": "Alerte TA08-066A de l\u0027US-CERT",
"url": null
}
]
}
FKIE_CVE-2008-1186
Vulnerability from fkie_nvd - Published: 2008-03-06 21:44 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29239 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29273 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29582 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29858 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/30676 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/30780 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32018 | Third Party Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200804-28.xml | Third Party Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1019555 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1 | Patch, Third Party Advisory | |
| cve@mitre.org | http://support.apple.com/kb/HT3178 | Third Party Advisory | |
| cve@mitre.org | http://support.apple.com/kb/HT3179 | Third Party Advisory | |
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml | Third Party Advisory | |
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml | Third Party Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0186.html | Third Party Advisory | |
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA08-066A.html | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2008-0010.html | Third Party Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0770/references | Third Party Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/1856/references | Third Party Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41025 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41138 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29239 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29273 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29582 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29858 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30676 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30780 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32018 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200804-28.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1019555 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3178 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3179 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0186.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA08-066A.html | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2008-0010.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0770/references | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1856/references | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41025 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41138 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_1 | |
| sun | jre | 1.4.2_2 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_4 | |
| sun | jre | 1.4.2_5 | |
| sun | jre | 1.4.2_6 | |
| sun | jre | 1.4.2_7 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.4.2_13 | |
| sun | jre | 1.4.2_14 | |
| sun | jre | 1.4.2_15 | |
| sun | jre | 1.4.2_16 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | sdk | 1.4.2 | |
| sun | sdk | 1.4.2_1 | |
| sun | sdk | 1.4.2_2 | |
| sun | sdk | 1.4.2_3 | |
| sun | sdk | 1.4.2_4 | |
| sun | sdk | 1.4.2_5 | |
| sun | sdk | 1.4.2_6 | |
| sun | sdk | 1.4.2_7 | |
| sun | sdk | 1.4.2_8 | |
| sun | sdk | 1.4.2_9 | |
| sun | sdk | 1.4.2_10 | |
| sun | sdk | 1.4.2_11 | |
| sun | sdk | 1.4.2_12 | |
| sun | sdk | 1.4.2_13 | |
| sun | sdk | 1.4.2_14 | |
| sun | sdk | 1.4.2_15 | |
| sun | sdk | 1.4.2_16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "6C660DE4-543A-4E9B-825D-CD099D08CBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "318719C9-7B01-4021-B2EF-8341254DFE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "002CA86D-3090-4C7A-947A-21CB5D1ADD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6453C9-7EE0-4FFB-861D-C2D9416DCABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "89BF16DE-EEAB-4DA5-BFF1-7A0A58DE141F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "A56D9A60-F272-4D4C-A9DD-C93DAF783585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "976F4ACB-3725-45B7-B2EF-DEE4B88254E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1F28FF-652A-4C89-9AC6-5E212F890811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "96A8C351-E9CD-431B-8B9D-712CA54C7213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "36888382-79C8-4C97-A654-C668CD68556F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "F34C99E6-F9F0-4EF3-8601-B47EAE3D7273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "A74DD08D-CEDB-460E-BED5-78F6CAF18BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F64FBC-DC97-4FE3-A235-18B87945AF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "85048406-9051-4E69-94A8-5C449F3B89E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C88DD7-0B46-4405-BD35-60D27E2DBA14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\""
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en la M\u00e1quina Virtual para Sun Java Runtime Environment (JRE) y JDK versi\u00f3n 5.0 Update 13 y anteriores, y SDK/JRE versi\u00f3n 1.4.2_16 y anteriores, permite a atacantes remotos alcanzar privilegios por medio de una aplicaci\u00f3n o applet no confiable, un problema diferente de CVE-2008-1185, tambi\u00e9n se conoce como \"the second issue.\""
}
],
"id": "CVE-2008-1186",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-03-06T21:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29239"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29273"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29582"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29858"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30676"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30780"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32018"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1019555"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41138"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1019555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
RHSA-2008:0186
Vulnerability from csaf_redhat - Published: 2008-03-06 22:11 - Updated: 2025-11-21 17:33Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Notes
Topic
Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools
that users need to run applets and applications written using the Java
programming language.
Flaws in the JRE allowed an untrusted application or applet to elevate its
privileges. This could be exploited by a remote attacker to access local
files or execute local applications accessible to the user running the JRE
(CVE-2008-1185, CVE-2008-1186)
A flaw was found in the Java XSLT processing classes. An untrusted
application or applet could cause a denial of service, or execute arbitrary
code with the permissions of the user running the JRE. (CVE-2008-1187)
Several buffer overflow flaws were found in Java Web Start (JWS). An
untrusted JNLP application could access local files or execute local
applications accessible to the user running the JRE.
(CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)
A flaw was found in the Java Plug-in. A remote attacker could bypass the
same origin policy, executing arbitrary code with the permissions of the
user running the JRE. (CVE-2008-1192)
A flaw was found in the JRE image parsing libraries. An untrusted
application or applet could cause a denial of service, or possible execute
arbitrary code with the permissions of the user running the JRE.
(CVE-2008-1193)
A flaw was found in the JRE color management library. An untrusted
application or applet could trigger a denial of service (JVM crash).
(CVE-2008-1194)
The JRE allowed untrusted JavaScript code to create local network
connections by the use of Java APIs. A remote attacker could use these
flaws to acesss local network services. (CVE-2008-1195)
This update also fixes an issue where the Java Plug-in is not available for
browser use after successful installation.
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools\nthat users need to run applets and applications written using the Java\nprogramming language. \n\nFlaws in the JRE allowed an untrusted application or applet to elevate its\nprivileges. This could be exploited by a remote attacker to access local\nfiles or execute local applications accessible to the user running the JRE\n(CVE-2008-1185, CVE-2008-1186)\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute arbitrary\ncode with the permissions of the user running the JRE. (CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An\nuntrusted JNLP application could access local files or execute local\napplications accessible to the user running the JRE.\n(CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass the\nsame origin policy, executing arbitrary code with the permissions of the\nuser running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possible execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network\nconnections by the use of Java APIs. A remote attacker could use these\nflaws to acesss local network services. (CVE-2008-1195)\n\nThis update also fixes an issue where the Java Plug-in is not available for\nbrowser use after successful installation.\n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0186",
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1"
},
{
"category": "external",
"summary": "436029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029"
},
{
"category": "external",
"summary": "436030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436030"
},
{
"category": "external",
"summary": "436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "436295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436295"
},
{
"category": "external",
"summary": "436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "436299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436299"
},
{
"category": "external",
"summary": "436302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436302"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0186.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2025-11-21T17:33:03+00:00",
"generator": {
"date": "2025-11-21T17:33:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2008:0186",
"initial_release_date": "2008-03-06T22:11:00+00:00",
"revision_history": [
{
"date": "2008-03-06T22:11:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-03-06T17:11:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:33:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-1185",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436029"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka \"the first issue.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Untrusted applet and application privilege escalation (CVE-2008-1186)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1185"
},
{
"category": "external",
"summary": "RHBZ#436029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1185",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1185"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Untrusted applet and application privilege escalation (CVE-2008-1186)"
},
{
"cve": "CVE-2008-1186",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436029"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Untrusted applet and application privilege escalation (CVE-2008-1186)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1186"
},
{
"category": "external",
"summary": "RHBZ#436029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1186",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1186"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Untrusted applet and application privilege escalation (CVE-2008-1186)"
},
{
"cve": "CVE-2008-1187",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436030"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Untrusted applet and application XSLT processing privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1187"
},
{
"category": "external",
"summary": "RHBZ#436030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1187",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1187"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Untrusted applet and application XSLT processing privilege escalation"
},
{
"cve": "CVE-2008-1188",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka \"The first two issues.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1188"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1188"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1189",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the \"third\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1189"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1189"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1190",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the \"fourth\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1190"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1190",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1190"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1192",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436295"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and \"execute local applications\" via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Plugin same-origin-policy bypass",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1192"
},
{
"category": "external",
"summary": "RHBZ#436295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1192"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Plugin same-origin-policy bypass"
},
{
"cve": "CVE-2008-1193",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436296"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE image parsing library allows privilege escalation (CVE-2008-1194)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1193"
},
{
"category": "external",
"summary": "RHBZ#436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1193",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1193"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JRE image parsing library allows privilege escalation (CVE-2008-1194)"
},
{
"cve": "CVE-2008-1194",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436296"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE image parsing library allows privilege escalation (CVE-2008-1194)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1194"
},
{
"category": "external",
"summary": "RHBZ#436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1194"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1194",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1194"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JRE image parsing library allows privilege escalation (CVE-2008-1194)"
},
{
"cve": "CVE-2008-1195",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436299"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java-API calls in untrusted Javascript allow network privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1195"
},
{
"category": "external",
"summary": "RHBZ#436299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1195"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java-API calls in untrusted Javascript allow network privilege escalation"
},
{
"cve": "CVE-2008-1196",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436302"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1196"
},
{
"category": "external",
"summary": "RHBZ#436302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436302"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1196"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start"
}
]
}
RHSA-2008_0186
Vulnerability from csaf_redhat - Published: 2008-03-06 22:11 - Updated: 2024-11-14 10:05Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Notes
Topic
Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools
that users need to run applets and applications written using the Java
programming language.
Flaws in the JRE allowed an untrusted application or applet to elevate its
privileges. This could be exploited by a remote attacker to access local
files or execute local applications accessible to the user running the JRE
(CVE-2008-1185, CVE-2008-1186)
A flaw was found in the Java XSLT processing classes. An untrusted
application or applet could cause a denial of service, or execute arbitrary
code with the permissions of the user running the JRE. (CVE-2008-1187)
Several buffer overflow flaws were found in Java Web Start (JWS). An
untrusted JNLP application could access local files or execute local
applications accessible to the user running the JRE.
(CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)
A flaw was found in the Java Plug-in. A remote attacker could bypass the
same origin policy, executing arbitrary code with the permissions of the
user running the JRE. (CVE-2008-1192)
A flaw was found in the JRE image parsing libraries. An untrusted
application or applet could cause a denial of service, or possible execute
arbitrary code with the permissions of the user running the JRE.
(CVE-2008-1193)
A flaw was found in the JRE color management library. An untrusted
application or applet could trigger a denial of service (JVM crash).
(CVE-2008-1194)
The JRE allowed untrusted JavaScript code to create local network
connections by the use of Java APIs. A remote attacker could use these
flaws to acesss local network services. (CVE-2008-1195)
This update also fixes an issue where the Java Plug-in is not available for
browser use after successful installation.
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools\nthat users need to run applets and applications written using the Java\nprogramming language. \n\nFlaws in the JRE allowed an untrusted application or applet to elevate its\nprivileges. This could be exploited by a remote attacker to access local\nfiles or execute local applications accessible to the user running the JRE\n(CVE-2008-1185, CVE-2008-1186)\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute arbitrary\ncode with the permissions of the user running the JRE. (CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An\nuntrusted JNLP application could access local files or execute local\napplications accessible to the user running the JRE.\n(CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass the\nsame origin policy, executing arbitrary code with the permissions of the\nuser running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possible execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network\nconnections by the use of Java APIs. A remote attacker could use these\nflaws to acesss local network services. (CVE-2008-1195)\n\nThis update also fixes an issue where the Java Plug-in is not available for\nbrowser use after successful installation.\n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0186",
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1"
},
{
"category": "external",
"summary": "436029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029"
},
{
"category": "external",
"summary": "436030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436030"
},
{
"category": "external",
"summary": "436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "436295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436295"
},
{
"category": "external",
"summary": "436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "436299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436299"
},
{
"category": "external",
"summary": "436302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436302"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0186.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2024-11-14T10:05:52+00:00",
"generator": {
"date": "2024-11-14T10:05:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2008:0186",
"initial_release_date": "2008-03-06T22:11:00+00:00",
"revision_history": [
{
"date": "2008-03-06T22:11:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-03-06T17:11:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:05:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el5?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-1185",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436029"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka \"the first issue.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Untrusted applet and application privilege escalation (CVE-2008-1186)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1185"
},
{
"category": "external",
"summary": "RHBZ#436029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1185",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1185"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Untrusted applet and application privilege escalation (CVE-2008-1186)"
},
{
"cve": "CVE-2008-1186",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436029"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Untrusted applet and application privilege escalation (CVE-2008-1186)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1186"
},
{
"category": "external",
"summary": "RHBZ#436029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1186",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1186"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Untrusted applet and application privilege escalation (CVE-2008-1186)"
},
{
"cve": "CVE-2008-1187",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436030"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Untrusted applet and application XSLT processing privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1187"
},
{
"category": "external",
"summary": "RHBZ#436030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1187",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1187"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Untrusted applet and application XSLT processing privilege escalation"
},
{
"cve": "CVE-2008-1188",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka \"The first two issues.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1188"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1188"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1189",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the \"third\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1189"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1189"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1190",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436293"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the \"fourth\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1190"
},
{
"category": "external",
"summary": "RHBZ#436293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1190",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1190"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)"
},
{
"cve": "CVE-2008-1192",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436295"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and \"execute local applications\" via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Plugin same-origin-policy bypass",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1192"
},
{
"category": "external",
"summary": "RHBZ#436295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1192"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Plugin same-origin-policy bypass"
},
{
"cve": "CVE-2008-1193",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436296"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE image parsing library allows privilege escalation (CVE-2008-1194)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1193"
},
{
"category": "external",
"summary": "RHBZ#436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1193",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1193"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JRE image parsing library allows privilege escalation (CVE-2008-1194)"
},
{
"cve": "CVE-2008-1194",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436296"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE image parsing library allows privilege escalation (CVE-2008-1194)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1194"
},
{
"category": "external",
"summary": "RHBZ#436296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1194"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1194",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1194"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JRE image parsing library allows privilege escalation (CVE-2008-1194)"
},
{
"cve": "CVE-2008-1195",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436299"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java-API calls in untrusted Javascript allow network privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1195"
},
{
"category": "external",
"summary": "RHBZ#436299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1195"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java-API calls in untrusted Javascript allow network privilege escalation"
},
{
"cve": "CVE-2008-1196",
"discovery_date": "2008-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "436302"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Buffer overflow security vulnerabilities in Java Web Start",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1196"
},
{
"category": "external",
"summary": "RHBZ#436302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436302"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1196"
}
],
"release_date": "2008-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-03-06T22:11:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0186"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Buffer overflow security vulnerabilities in Java Web Start"
}
]
}
GHSA-VCXM-855R-P3HV
Vulnerability from github – Published: 2022-05-01 23:37 – Updated: 2022-05-01 23:37
VLAI?
Details
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."
{
"affected": [],
"aliases": [
"CVE-2008-1186"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-03-06T21:44:00Z",
"severity": "HIGH"
},
"details": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\"",
"id": "GHSA-vcxm-855r-p3hv",
"modified": "2022-05-01T23:37:25Z",
"published": "2022-05-01T23:37:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1186"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41138"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29239"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29273"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29582"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29858"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30676"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30780"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32018"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1019555"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3178"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3179"
},
{
"type": "WEB",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"type": "WEB",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"type": "WEB",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2008-1186
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2008-1186",
"description": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\"",
"id": "GSD-2008-1186",
"references": [
"https://www.suse.com/security/cve/CVE-2008-1186.html",
"https://access.redhat.com/errata/RHSA-2008:0186"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2008-1186"
],
"details": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\"",
"id": "GSD-2008-1186",
"modified": "2023-12-13T01:23:02.719306Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "1019555",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019555"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "32018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32018"
},
{
"name": "java-virtualmachine-multiple-priv-escalation(41025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "oval:org.mitre.oval:def:9585",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585"
},
{
"name": "29239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29239"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "29582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29582"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "233321",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "sun-jre-unspecified-priv-escalation(41138)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41138"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "29273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29273"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1186"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "233321",
"refsource": "SUNALERT",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1"
},
{
"name": "RHSA-2008:0186",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html"
},
{
"name": "1019555",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1019555"
},
{
"name": "29273",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29273"
},
{
"name": "TA08-066A",
"refsource": "CERT",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html"
},
{
"name": "29239",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29239"
},
{
"name": "SUSE-SA:2008:018",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html"
},
{
"name": "29582",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29582"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "29858",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29858"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name": "30780",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30780"
},
{
"name": "30676",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30676"
},
{
"name": "32018",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32018"
},
{
"name": "APPLE-SA-2008-09-24",
"refsource": "APPLE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "http://support.apple.com/kb/HT3178",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3178"
},
{
"name": "ADV-2008-0770",
"refsource": "VUPEN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0770/references"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "sun-jre-unspecified-priv-escalation(41138)",
"refsource": "XF",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41138"
},
{
"name": "java-virtualmachine-multiple-priv-escalation(41025)",
"refsource": "XF",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41025"
},
{
"name": "oval:org.mitre.oval:def:9585",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2019-07-31T12:35Z",
"publishedDate": "2008-03-06T21:44Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…