rhsa-2008_1025
Vulnerability from csaf_redhat
Published
2008-12-04 15:45
Modified
2024-09-13 06:24
Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Notes
Topic
Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in in Java Web Start. If a user visits a
malicious website, an attacker could misuse this flaw to execute arbitrary
code. (CVE-2008-2086)
Additionally, these packages fix several other vulnerabilities. These are
summarized in the "Advance notification of Security Updates for Java SE"
from Sun Microsystems.
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Java Runtime Environment (JRE) contains the software and tools that\nusers need to run applets and applications written using the Java\nprogramming language. \n\nA vulnerability was found in in Java Web Start. If a user visits a\nmalicious website, an attacker could misuse this flaw to execute arbitrary\ncode. (CVE-2008-2086)\n\nAdditionally, these packages fix several other vulnerabilities. These are\nsummarized in the \"Advance notification of Security Updates for Java SE\"\nfrom Sun Microsystems. \n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:1025",
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates3",
"url": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates3"
},
{
"category": "external",
"summary": "474556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474556"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2008/rhsa-2008_1025.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2024-09-13T06:24:20+00:00",
"generator": {
"date": "2024-09-13T06:24:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2008:1025",
"initial_release_date": "2008-12-04T15:45:00+00:00",
"revision_history": [
{
"date": "2008-12-04T15:45:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-12-04T10:45:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T06:24:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.17-1jpp.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.17-1jpp.2.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.17-1jpp.2.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.17-1jpp.2.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-2086",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474556"
}
],
"notes": [
{
"category": "description",
"text": "Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka \"Java Web Start File Inclusion\" and CR 6694892.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start File Inclusion via System Properties Override",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2086"
},
{
"category": "external",
"summary": "RHBZ#474556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474556"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2086",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2086"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Java Web Start File Inclusion via System Properties Override"
},
{
"cve": "CVE-2008-5339",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474772"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka CR 6727079.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JavaWebStart allows unauthorized network connections",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5339"
},
{
"category": "external",
"summary": "RHBZ#474772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5339",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5339"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5339",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5339"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JavaWebStart allows unauthorized network connections"
},
{
"cve": "CVE-2008-5340",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474773"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors, aka 6727081.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java WebStart privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5340"
},
{
"category": "external",
"summary": "RHBZ#474773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5340",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5340"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java WebStart privilege escalation"
},
{
"cve": "CVE-2008-5341",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474786"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start exposes username and the pathname of the JWS cache",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5341"
},
{
"category": "external",
"summary": "RHBZ#474786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5341"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start exposes username and the pathname of the JWS cache"
},
{
"cve": "CVE-2008-5342",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474789"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start BasicService displays local files in the browser",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5342"
},
{
"category": "external",
"summary": "RHBZ#474789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5342",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5342"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5342",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5342"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java Web Start BasicService displays local files in the browser"
},
{
"cve": "CVE-2008-5343",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474790"
}
],
"notes": [
{
"category": "description",
"text": "Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file, aka \"GIFAR\" and CR 6707535.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java WebStart allows hidden code privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5343"
},
{
"category": "external",
"summary": "RHBZ#474790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5343",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5343"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5343",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5343"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Java WebStart allows hidden code privilege escalation"
},
{
"cve": "CVE-2008-5344",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474792"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors related to applet classloading, aka 6716217.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java WebStart unprivileged local file and network access",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5344"
},
{
"category": "external",
"summary": "RHBZ#474792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474792"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5344"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5344",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5344"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java WebStart unprivileged local file and network access"
},
{
"cve": "CVE-2008-5345",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474793"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE allows unauthorized file access and connections to localhost",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5345"
},
{
"category": "external",
"summary": "RHBZ#474793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474793"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5345",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5345"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5345",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5345"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JRE allows unauthorized file access and connections to localhost"
},
{
"cve": "CVE-2008-5346",
"discovery_date": "2008-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "474794"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE allows unauthorized memory read access via a crafted ZIP file",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5346"
},
{
"category": "external",
"summary": "RHBZ#474794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474794"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5346",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5346"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JRE allows unauthorized memory read access via a crafted ZIP file"
},
{
"cve": "CVE-2008-5348",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472209"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Denial-Of-Service in kerberos authentication (6588160)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5348"
},
{
"category": "external",
"summary": "RHBZ#472209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472209"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5348",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5348"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Denial-Of-Service in kerberos authentication (6588160)"
},
{
"cve": "CVE-2008-5349",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472206"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK RSA public key length denial-of-service (6497740)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5349"
},
{
"category": "external",
"summary": "RHBZ#472206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472206"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5349",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5349"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5349",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5349"
}
],
"release_date": "2008-12-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK RSA public key length denial-of-service (6497740)"
},
{
"cve": "CVE-2008-5350",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472201"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user\u0027s directory via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK allows to list files within the user home directory (6484091)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5350"
},
{
"category": "external",
"summary": "RHBZ#472201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5350",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5350"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5350",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5350"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK allows to list files within the user home directory (6484091)"
},
{
"cve": "CVE-2008-5351",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472213"
}
],
"notes": [
{
"category": "description",
"text": "Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the \"shortest\" form, which makes it easier for attackers to bypass protection mechanisms for other applications that rely on shortest-form UTF-8 encodings.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5351"
},
{
"category": "external",
"summary": "RHBZ#472213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472213"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5351"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)"
},
{
"cve": "CVE-2008-5352",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472233"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Jar200 Decompression buffer overflow (6755943)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5352"
},
{
"category": "external",
"summary": "RHBZ#472233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472233"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5352",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5352"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5352",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5352"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Jar200 Decompression buffer overflow (6755943)"
},
{
"cve": "CVE-2008-5353",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472224"
}
],
"notes": [
{
"category": "description",
"text": "The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by \"deserializing Calendar objects\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK calendar object deserialization allows privilege escalation (6734167)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5353"
},
{
"category": "external",
"summary": "RHBZ#472224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5353",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5353"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5353",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5353"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK calendar object deserialization allows privilege escalation (6734167)"
},
{
"cve": "CVE-2008-5354",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472228"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Privilege escalation in command line applications (6733959)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5354"
},
{
"category": "external",
"summary": "RHBZ#472228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472228"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5354",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5354"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5354",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5354"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Privilege escalation in command line applications (6733959)"
},
{
"cve": "CVE-2008-5356",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472218"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Font processing vulnerability (6733336)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5356"
},
{
"category": "external",
"summary": "RHBZ#472218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472218"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5356",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5356"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Font processing vulnerability (6733336)"
},
{
"cve": "CVE-2008-5357",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472231"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Truetype Font processing vulnerability (6751322)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5357"
},
{
"category": "external",
"summary": "RHBZ#472231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472231"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5357",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5357"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5357",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5357"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Truetype Font processing vulnerability (6751322)"
},
{
"cve": "CVE-2008-5359",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472212"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the Java AWT library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Buffer overflow in image processing (6726779)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5359"
},
{
"category": "external",
"summary": "RHBZ#472212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5359",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5359"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5359",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5359"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Buffer overflow in image processing (6726779)"
},
{
"cve": "CVE-2008-5360",
"discovery_date": "2008-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "472211"
}
],
"notes": [
{
"category": "description",
"text": "Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK temporary files have guessable file names (6721753)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5360"
},
{
"category": "external",
"summary": "RHBZ#472211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=472211"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5360",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5360"
}
],
"release_date": "2008-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.17-1jpp.2.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.17-1jpp.2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:1025"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK temporary files have guessable file names (6721753)"
}
]
}
Loading...