rhsa-2008_0186
Vulnerability from csaf_redhat
Published
2008-03-06 22:11
Modified
2024-11-14 10:05
Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Notes
Topic
Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools
that users need to run applets and applications written using the Java
programming language.
Flaws in the JRE allowed an untrusted application or applet to elevate its
privileges. This could be exploited by a remote attacker to access local
files or execute local applications accessible to the user running the JRE
(CVE-2008-1185, CVE-2008-1186)
A flaw was found in the Java XSLT processing classes. An untrusted
application or applet could cause a denial of service, or execute arbitrary
code with the permissions of the user running the JRE. (CVE-2008-1187)
Several buffer overflow flaws were found in Java Web Start (JWS). An
untrusted JNLP application could access local files or execute local
applications accessible to the user running the JRE.
(CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)
A flaw was found in the Java Plug-in. A remote attacker could bypass the
same origin policy, executing arbitrary code with the permissions of the
user running the JRE. (CVE-2008-1192)
A flaw was found in the JRE image parsing libraries. An untrusted
application or applet could cause a denial of service, or possible execute
arbitrary code with the permissions of the user running the JRE.
(CVE-2008-1193)
A flaw was found in the JRE color management library. An untrusted
application or applet could trigger a denial of service (JVM crash).
(CVE-2008-1194)
The JRE allowed untrusted JavaScript code to create local network
connections by the use of Java APIs. A remote attacker could use these
flaws to acesss local network services. (CVE-2008-1195)
This update also fixes an issue where the Java Plug-in is not available for
browser use after successful installation.
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "The Java Runtime Environment (JRE) contains the software and tools\nthat users need to run applets and applications written using the Java\nprogramming language. \n\nFlaws in the JRE allowed an untrusted application or applet to elevate its\nprivileges. This could be exploited by a remote attacker to access local\nfiles or execute local applications accessible to the user running the JRE\n(CVE-2008-1185, CVE-2008-1186)\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute arbitrary\ncode with the permissions of the user running the JRE. (CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An\nuntrusted JNLP application could access local files or execute local\napplications accessible to the user running the JRE.\n(CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass the\nsame origin policy, executing arbitrary code with the permissions of the\nuser running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possible execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network\nconnections by the use of Java APIs. A remote attacker could use these\nflaws to acesss local network services. (CVE-2008-1195)\n\nThis update also fixes an issue where the Java Plug-in is not available for\nbrowser use after successful installation.\n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2008:0186", "url": "https://access.redhat.com/errata/RHSA-2008:0186" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1" }, { "category": "external", "summary": "436029", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029" }, { "category": "external", "summary": "436030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436030" }, { "category": "external", "summary": "436293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293" }, { "category": "external", "summary": "436295", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436295" }, { "category": "external", "summary": "436296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296" }, { "category": "external", "summary": "436299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436299" }, { "category": "external", "summary": "436302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436302" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0186.json" } ], "title": "Red Hat Security Advisory: java-1.5.0-sun security update", "tracking": { "current_release_date": "2024-11-14T10:05:52+00:00", "generator": { "date": "2024-11-14T10:05:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2008:0186", "initial_release_date": "2008-03-06T22:11:00+00:00", "revision_history": [ { "date": "2008-03-06T22:11:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2008-03-06T17:11:54+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T10:05:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "product": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el4?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "product": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el4?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "product": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el4?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "product": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el4?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "product": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el4?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "product": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el5?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "product": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el5?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "product": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el5?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "product": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el5?arch=x86_64" } } }, { "category": "product_version", "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "product": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el5?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "product": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el4?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "product": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el4?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "product": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el4?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "product": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el4?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "product": { "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "product_id": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.15-1jpp.2.el4?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "product": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el4?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "product": { "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "product_id": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.15-1jpp.2.el5?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "product": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "product_id": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.15-1jpp.2.el5?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "product": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "product_id": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.15-1jpp.2.el5?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "product": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "product_id": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.15-1jpp.2.el5?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "product": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "product_id": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.15-1jpp.2.el5?arch=i586" } } }, { "category": "product_version", "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "product": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "product_id": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.15-1jpp.2.el5?arch=i586" } } } ], "category": "architecture", "name": "i586" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" }, "product_reference": "java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2008-1185", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436029" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka \"the first issue.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "Untrusted applet and application privilege escalation (CVE-2008-1186)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1185" }, { "category": "external", "summary": "RHBZ#436029", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1185", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1185" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1185", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1185" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Untrusted applet and application privilege escalation (CVE-2008-1186)" }, { "cve": "CVE-2008-1186", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436029" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka \"the second issue.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "Untrusted applet and application privilege escalation (CVE-2008-1186)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1186" }, { "category": "external", "summary": "RHBZ#436029", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436029" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1186", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1186" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1186", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1186" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Untrusted applet and application privilege escalation (CVE-2008-1186)" }, { "cve": "CVE-2008-1187", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436030" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.", "title": "Vulnerability description" }, { "category": "summary", "text": "Untrusted applet and application XSLT processing privilege escalation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1187" }, { "category": "external", "summary": "RHBZ#436030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1187", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1187" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1187", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1187" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Untrusted applet and application XSLT processing privilege escalation" }, { "cve": "CVE-2008-1188", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436293" } ], "notes": [ { "category": "description", "text": "Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka \"The first two issues.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1188" }, { "category": "external", "summary": "RHBZ#436293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1188", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1188" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1188", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1188" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)" }, { "cve": "CVE-2008-1189", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436293" } ], "notes": [ { "category": "description", "text": "Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the \"third\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1189" }, { "category": "external", "summary": "RHBZ#436293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1189", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1189" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)" }, { "cve": "CVE-2008-1190", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436293" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the \"fourth\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1190" }, { "category": "external", "summary": "RHBZ#436293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436293" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1190", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1190" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1190", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1190" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)" }, { "cve": "CVE-2008-1192", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436295" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and \"execute local applications\" via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Plugin same-origin-policy bypass", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1192" }, { "category": "external", "summary": "RHBZ#436295", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436295" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1192", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1192" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1192", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1192" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Plugin same-origin-policy bypass" }, { "cve": "CVE-2008-1193", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436296" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE image parsing library allows privilege escalation (CVE-2008-1194)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1193" }, { "category": "external", "summary": "RHBZ#436296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1193", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1193" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1193", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1193" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JRE image parsing library allows privilege escalation (CVE-2008-1194)" }, { "cve": "CVE-2008-1194", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436296" } ], "notes": [ { "category": "description", "text": "Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE image parsing library allows privilege escalation (CVE-2008-1194)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1194" }, { "category": "external", "summary": "RHBZ#436296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1194", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1194" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1194", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1194" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JRE image parsing library allows privilege escalation (CVE-2008-1194)" }, { "cve": "CVE-2008-1195", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436299" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java-API calls in untrusted Javascript allow network privilege escalation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1195" }, { "category": "external", "summary": "RHBZ#436299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1195", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1195" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1195", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1195" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java-API calls in untrusted Javascript allow network privilege escalation" }, { "cve": "CVE-2008-1196", "discovery_date": "2008-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "436302" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.", "title": "Vulnerability description" }, { "category": "summary", "text": "Buffer overflow security vulnerabilities in Java Web Start", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-1196" }, { "category": "external", "summary": "RHBZ#436302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436302" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1196", "url": "https://www.cve.org/CVERecord?id=CVE-2008-1196" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1196" } ], "release_date": "2008-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-03-06T22:11:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el4.x86_64", "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.i586", "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el4.x86_64", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.15-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.i586", "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.15-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0186" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Buffer overflow security vulnerabilities in Java Web Start" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.