PT-2008-6475 · Oracle+1 · Sdk+4

Publicado

2008-12-05

Atualizado

2017-09-29

CVE-2008-5351

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier JDK and JRE 5.0 Update 16 and earlier SDK and JRE 1.4.2 18 and earlier

Description The issue allows attackers to bypass protection mechanisms in other applications by accepting non-shortest form UTF-8 encodings, making it easier to exploit these applications.

Recommendations For Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, update to a version later than Update 10. For JDK and JRE 5.0 Update 16 and earlier, update to a version later than Update 16. For SDK and JRE 1.4.2 18 and earlier, update to a version later than 1.4.2 18.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2008-5351

HPSBUX02411

RHSA-2008:1018

RHSA-2008:1025

RHSA-2009:0016

RHSA-2009:0369

RHSA-2009:0445

RHSA-2009:0466

Produtos afetados

Hp-Ux

Jdk

Java Platform

Java Runtime Environment

Sdk

PT-2008-6475 · Oracle+1 · Sdk+4

CVE-2008-5351

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 60