PT-2008-6476 · Oracle · Java Runtime Environment
Published: 2008-12-05 · Updated: 2017-09-29 · CVE-2008-5352
| CVSS v2.0 | 9.3 (High) |
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Java Runtime Environment (JRE) versions 5.0 through 5.0 Update 16
Java Runtime Environment (JRE) versions 6 through 6 Update 10
Description
An integer overflow in the JAR unpacking utility allows untrusted applications and applets to gain privileges. The overflow is reached through a Pack200-compressed JAR file, which triggers a heap-based buffer overflow.
Recommendations
For Java Runtime Environment (JRE) versions 5.0 through 5.0 Update 16, update to a version later than 5.0 Update 16 to resolve the issue.
For Java Runtime Environment (JRE) versions 6 through 6 Update 10, update to a version later than 6 Update 10 to resolve the issue.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Java Platform
Java Runtime Environment