RHSA-2008_1025
Vulnerability from csaf_redhat - Published: 2008-12-04 15:45 - Updated: 2024-11-14 10:06Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Severity
Critical
Notes
Topic: Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details: The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in in Java Web Start. If a user visits a
malicious website, an attacker could misuse this flaw to execute arbitrary
code. (CVE-2008-2086)
Additionally, these packages fix several other vulnerabilities. These are
summarized in the "Advance notification of Security Updates for Java SE"
from Sun Microsystems.
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka CR 6727079.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors, aka 6727081.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR" and CR 6707535.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors related to applet classloading, aka 6716217.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) via unknown vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key.
7.1 ()
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other applications that rely on shortest-form UTF-8 encodings.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by "deserializing Calendar objects".
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file.
7.5 ()
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow.
7.5 ()
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the Java AWT library.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:1025
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in in Java Web Start. If a user visits a\nmalicious website, an attacker could misuse this flaw to execute arbitrary\ncode. (CVE-2008-2086)\n\nAdditionally, these packages fix several other vulnerabilities. These are\nsummarized in the \"Advance notification of Security Updates for Java SE\"\nfrom Sun Microsystems. \n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:1025",
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates3",
"url": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates3"
},
{
"category": "external",
"summary": "474556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474556"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_1025.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2024-11-14T10:06:55+00:00",
"generator": {
"date": "2024-11-14T10:06:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2008:1025",
"initial_release_date": "2008-12-04T15:45:00+00:00",
"revision_history": [
{
"date": "2008-12-04T15:45:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-12-04T10:45:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:06:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-2086",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474556"
}
],
"notes": [
{
"category": "description",
"text": "Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka \"Java Web Start File Inclusion\" and CR 6694892.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start File Inclusion via System Properties Override",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2086"
},
{
"category": "external",
"summary": "RHBZ#474556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474556"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2086",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2086"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Java Web Start File Inclusion via System Properties Override"
},
{
"cve": "CVE-2008-5339",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474772"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka CR 6727079.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JavaWebStart allows unauthorized network connections",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5339"
},
{
"category": "external",
"summary": "RHBZ#474772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5339",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5339"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5339",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5339"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JavaWebStart allows unauthorized network connections"
},
{
"cve": "CVE-2008-5340",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474773"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors, aka 6727081.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java WebStart privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5340"
},
{
"category": "external",
"summary": "RHBZ#474773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5340",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5340"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java WebStart privilege escalation"
},
{
"cve": "CVE-2008-5341",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474786"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start exposes username and the pathname of the JWS cache",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5341"
},
{
"category": "external",
"summary": "RHBZ#474786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5341"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start exposes username and the pathname of the JWS cache"
},
{
"cve": "CVE-2008-5342",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474789"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start BasicService displays local files in the browser",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5342"
},
{
"category": "external",
"summary": "RHBZ#474789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5342",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5342"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5342",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5342"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start BasicService displays local files in the browser"
},
{
"cve": "CVE-2008-5343",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474790"
}
],
"notes": [
{
"category": "description",
"text": "Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file, aka \"GIFAR\" and CR 6707535.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java WebStart allows hidden code privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5343"
},
{
"category": "external",
"summary": "RHBZ#474790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5343",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5343"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5343",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5343"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Java WebStart allows hidden code privilege escalation"
},
{
"cve": "CVE-2008-5344",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474792"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors related to applet classloading, aka 6716217.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java WebStart unprivileged local file and network access",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5344"
},
{
"category": "external",
"summary": "RHBZ#474792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474792"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5344"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5344",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5344"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java WebStart unprivileged local file and network access"
},
{
"cve": "CVE-2008-5345",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474793"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE allows unauthorized file access and connections to localhost",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5345"
},
{
"category": "external",
"summary": "RHBZ#474793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474793"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5345",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5345"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5345",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5345"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JRE allows unauthorized file access and connections to localhost"
},
{
"cve": "CVE-2008-5346",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474794"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE allows unauthorized memory read access via a crafted ZIP file",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5346"
},
{
"category": "external",
"summary": "RHBZ#474794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474794"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5346",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5346"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JRE allows unauthorized memory read access via a crafted ZIP file"
},
{
"cve": "CVE-2008-5348",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472209"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Denial-Of-Service in kerberos authentication (6588160)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5348"
},
{
"category": "external",
"summary": "RHBZ#472209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472209"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5348",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5348"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Denial-Of-Service in kerberos authentication (6588160)"
},
{
"cve": "CVE-2008-5349",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472206"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK RSA public key length denial-of-service (6497740)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5349"
},
{
"category": "external",
"summary": "RHBZ#472206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472206"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5349",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5349"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5349",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5349"
}
],
"release_date": "2008-12-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK RSA public key length denial-of-service (6497740)"
},
{
"cve": "CVE-2008-5350",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472201"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user\u0027s directory via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK allows to list files within the user home directory (6484091)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5350"
},
{
"category": "external",
"summary": "RHBZ#472201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5350",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5350"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5350",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5350"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK allows to list files within the user home directory (6484091)"
},
{
"cve": "CVE-2008-5351",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472213"
}
],
"notes": [
{
"category": "description",
"text": "Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the \"shortest\" form, which makes it easier for attackers to bypass protection mechanisms for other applications that rely on shortest-form UTF-8 encodings.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5351"
},
{
"category": "external",
"summary": "RHBZ#472213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472213"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5351"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)"
},
{
"cve": "CVE-2008-5352",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472233"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Jar200 Decompression buffer overflow (6755943)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5352"
},
{
"category": "external",
"summary": "RHBZ#472233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472233"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5352",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5352"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5352",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5352"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Jar200 Decompression buffer overflow (6755943)"
},
{
"cve": "CVE-2008-5353",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472224"
}
],
"notes": [
{
"category": "description",
"text": "The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by \"deserializing Calendar objects\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK calendar object deserialization allows privilege escalation (6734167)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5353"
},
{
"category": "external",
"summary": "RHBZ#472224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5353",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5353"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5353",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5353"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK calendar object deserialization allows privilege escalation (6734167)"
},
{
"cve": "CVE-2008-5354",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472228"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Privilege escalation in command line applications (6733959)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5354"
},
{
"category": "external",
"summary": "RHBZ#472228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472228"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5354",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5354"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5354",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5354"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Privilege escalation in command line applications (6733959)"
},
{
"cve": "CVE-2008-5356",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472218"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Font processing vulnerability (6733336)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5356"
},
{
"category": "external",
"summary": "RHBZ#472218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472218"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5356",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5356"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Font processing vulnerability (6733336)"
},
{
"cve": "CVE-2008-5357",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472231"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Truetype Font processing vulnerability (6751322)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5357"
},
{
"category": "external",
"summary": "RHBZ#472231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472231"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5357",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5357"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5357",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5357"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Truetype Font processing vulnerability (6751322)"
},
{
"cve": "CVE-2008-5359",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472212"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the Java AWT library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Buffer overflow in image processing (6726779)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5359"
},
{
"category": "external",
"summary": "RHBZ#472212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5359",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5359"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5359",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5359"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Buffer overflow in image processing (6726779)"
},
{
"cve": "CVE-2008-5360",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472211"
}
],
"notes": [
{
"category": "description",
"text": "Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK temporary files have guessable file names (6721753)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5360"
},
{
"category": "external",
"summary": "RHBZ#472211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472211"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5360",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5360"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-12-04T15:45:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK temporary files have guessable file names (6721753)"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…