CVE-2008-5348 — JDK vulnerability

7 documents7 sources

Severity

7.1HIGHNVD

EPSS

12.2%

top 6.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN JDK SUN JRE SUN SDK

Timeline

PublishedDec 5

Latest updateMay 17

Description

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) via unknown vectors.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages3 packages

▶NVDsun/jdk5.0+3

▶NVDsun/jre1.4.2_18+21

▶NVDsun/sdk1.4.2_18+17

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-gcr4-crvj-h3h7: Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5↗2022-05-17

▶

CVEList

CVE-2008-5348: Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5↗2008-12-05

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Internet Explorer - GDI+ (PoC) (MS08-052)↗2008-09-28

▶

📋Vendor Advisories

Ubuntu

openjdk-6 vulnerabilities↗2009-01-27

▶

Red Hat

OpenJDK Denial-Of-Service in kerberos authentication (6588160)↗2008-12-04

▶

💬Community

Bugzilla

CVE-2008-5348 OpenJDK Denial-Of-Service in kerberos authentication (6588160)↗2008-11-19

▶