rhsa-2008_1018
Vulnerability from csaf_redhat
Published
2008-12-04 15:45
Modified
2024-11-05 17:00
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
Updated java-1.6.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in in Java Web Start. If a user visits a
malicious website, an attacker could misuse this flaw to execute arbitrary
code. (CVE-2008-2086)
Additionally, these packages fix several other critical vulnerabilities.
These are summarized in the "Advance notification of Security Updates for
Java SE" from Sun Microsystems.
Users of java-1.6.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in in Java Web Start. If a user visits a\nmalicious website, an attacker could misuse this flaw to execute arbitrary\ncode. (CVE-2008-2086)\n\nAdditionally, these packages fix several other critical vulnerabilities.\nThese are summarized in the \"Advance notification of Security Updates for\nJava SE\" from Sun Microsystems.\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2008:1018", "url": "https://access.redhat.com/errata/RHSA-2008:1018" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates3", "url": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates3" }, { "category": "external", "summary": "474556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474556" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_1018.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-sun security update", "tracking": { "current_release_date": "2024-11-05T17:00:01+00:00", "generator": { "date": "2024-11-05T17:00:01+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2008:1018", "initial_release_date": "2008-12-04T15:45:00+00:00", "revision_history": [ { "date": "2008-12-04T15:45:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2008-12-04T10:45:50+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:00:01+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.11-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.11-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.11-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.11-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.11-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.11-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.11-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.11-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.11-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.11-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.11-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.11-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.11-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.11-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.11-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.11-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.11-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.11-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.11-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.11-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.11-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.11-1jpp.1.el4?arch=i586\u0026epoch=1" } } } ], "category": "architecture", "name": "i586" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2008-2086", "discovery_date": "2008-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "474556" } ], "notes": [ { "category": "description", "text": "Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka \"Java Web Start File Inclusion\" and CR 6694892.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start File Inclusion via System Properties Override", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-2086" }, { "category": "external", "summary": "RHBZ#474556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474556" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-2086", "url": "https://www.cve.org/CVERecord?id=CVE-2008-2086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2086" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Java Web Start File Inclusion via System Properties Override" }, { "cve": "CVE-2008-5339", "discovery_date": "2008-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "474772" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka CR 6727079.", "title": "Vulnerability description" }, { "category": "summary", "text": "JavaWebStart allows unauthorized network connections", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5339" }, { "category": "external", "summary": "RHBZ#474772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474772" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5339", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5339" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5339", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5339" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JavaWebStart allows unauthorized network connections" }, { "cve": "CVE-2008-5340", "discovery_date": "2008-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "474773" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors, aka 6727081.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java WebStart privilege escalation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5340" }, { "category": "external", "summary": "RHBZ#474773", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474773" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5340", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5340" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5340", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5340" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java WebStart privilege escalation" }, { "cve": "CVE-2008-5341", "discovery_date": "2008-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "474786" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start exposes username and the pathname of the JWS cache", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5341" }, { "category": "external", "summary": "RHBZ#474786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474786" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5341", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5341" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5341", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5341" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Java Web Start exposes username and the pathname of the JWS cache" }, { "cve": "CVE-2008-5342", "discovery_date": "2008-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "474789" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start BasicService displays local files in the browser", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5342" }, { "category": "external", "summary": "RHBZ#474789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474789" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5342", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5342" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5342", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5342" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Java Web Start BasicService displays local files in the browser" }, { "cve": "CVE-2008-5343", "discovery_date": "2008-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "474790" } ], "notes": [ { "category": "description", "text": "Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file, aka \"GIFAR\" and CR 6707535.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java WebStart allows hidden code privilege escalation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5343" }, { "category": "external", "summary": "RHBZ#474790", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474790" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5343", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5343" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5343", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5343" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Java WebStart allows hidden code privilege escalation" }, { "cve": "CVE-2008-5344", "discovery_date": "2008-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "474792" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors related to applet classloading, aka 6716217.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java WebStart unprivileged local file and network access", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5344" }, { "category": "external", "summary": "RHBZ#474792", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474792" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5344", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5344" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5344", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5344" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Java WebStart unprivileged local file and network access" }, { "cve": "CVE-2008-5345", "discovery_date": "2008-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "474793" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE allows unauthorized file access and connections to localhost", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5345" }, { "category": "external", "summary": "RHBZ#474793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474793" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5345", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5345" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5345", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5345" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JRE allows unauthorized file access and connections to localhost" }, { "cve": "CVE-2008-5347", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472208" } ], "notes": [ { "category": "description", "text": "Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK applet privilege escalation via JAX package access (6592792)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5347" }, { "category": "external", "summary": "RHBZ#472208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472208" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5347", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5347" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5347", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5347" } ], "release_date": "2008-12-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK applet privilege escalation via JAX package access (6592792)" }, { "cve": "CVE-2008-5348", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472209" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Denial-Of-Service in kerberos authentication (6588160)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5348" }, { "category": "external", "summary": "RHBZ#472209", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472209" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5348", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5348" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5348", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5348" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Denial-Of-Service in kerberos authentication (6588160)" }, { "cve": "CVE-2008-5349", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472206" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK RSA public key length denial-of-service (6497740)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5349" }, { "category": "external", "summary": "RHBZ#472206", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472206" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5349", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5349" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5349", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5349" } ], "release_date": "2008-12-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK RSA public key length denial-of-service (6497740)" }, { "cve": "CVE-2008-5350", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472201" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user\u0027s directory via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK allows to list files within the user home directory (6484091)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5350" }, { "category": "external", "summary": "RHBZ#472201", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472201" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5350", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5350" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5350", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5350" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK allows to list files within the user home directory (6484091)" }, { "cve": "CVE-2008-5351", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472213" } ], "notes": [ { "category": "description", "text": "Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the \"shortest\" form, which makes it easier for attackers to bypass protection mechanisms for other applications that rely on shortest-form UTF-8 encodings.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5351" }, { "category": "external", "summary": "RHBZ#472213", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472213" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5351", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5351" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5351", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5351" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)" }, { "cve": "CVE-2008-5352", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472233" } ], "notes": [ { "category": "description", "text": "Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Jar200 Decompression buffer overflow (6755943)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5352" }, { "category": "external", "summary": "RHBZ#472233", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472233" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5352", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5352" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5352", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5352" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Jar200 Decompression buffer overflow (6755943)" }, { "cve": "CVE-2008-5353", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472224" } ], "notes": [ { "category": "description", "text": "The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by \"deserializing Calendar objects\".", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK calendar object deserialization allows privilege escalation (6734167)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5353" }, { "category": "external", "summary": "RHBZ#472224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472224" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5353", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5353" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5353", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5353" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK calendar object deserialization allows privilege escalation (6734167)" }, { "cve": "CVE-2008-5354", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472228" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Privilege escalation in command line applications (6733959)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5354" }, { "category": "external", "summary": "RHBZ#472228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472228" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5354", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5354" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5354", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5354" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Privilege escalation in command line applications (6733959)" }, { "cve": "CVE-2008-5356", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472218" } ], "notes": [ { "category": "description", "text": "Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Font processing vulnerability (6733336)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5356" }, { "category": "external", "summary": "RHBZ#472218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472218" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5356", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5356" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5356", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5356" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Font processing vulnerability (6733336)" }, { "cve": "CVE-2008-5357", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472231" } ], "notes": [ { "category": "description", "text": "Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Truetype Font processing vulnerability (6751322)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5357" }, { "category": "external", "summary": "RHBZ#472231", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472231" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5357", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5357" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5357", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5357" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Truetype Font processing vulnerability (6751322)" }, { "cve": "CVE-2008-5358", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472234" } ], "notes": [ { "category": "description", "text": "Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Buffer Overflow in GIF image processing (6766136)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5358" }, { "category": "external", "summary": "RHBZ#472234", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472234" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5358", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5358" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Buffer Overflow in GIF image processing (6766136)" }, { "cve": "CVE-2008-5359", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472212" } ], "notes": [ { "category": "description", "text": "Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the Java AWT library.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Buffer overflow in image processing (6726779)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5359" }, { "category": "external", "summary": "RHBZ#472212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472212" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5359", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5359" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5359", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5359" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Buffer overflow in image processing (6726779)" }, { "cve": "CVE-2008-5360", "discovery_date": "2008-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "472211" } ], "notes": [ { "category": "description", "text": "Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK temporary files have guessable file names (6721753)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-5360" }, { "category": "external", "summary": "RHBZ#472211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-5360", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5360" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5360", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5360" } ], "release_date": "2008-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-12-04T15:45:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.11-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.11-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:1018" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK temporary files have guessable file names (6721753)" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.