PT-2008-6484 · Sun+2 · Java Runtime Environment+4

Publicado

2008-12-05

·

Atualizado

2019-10-09

·

CVE-2008-5360

CVSS v2.0

6.4

Média

VetorAV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) for Sun JDK and JRE versions 6 Update 10 and earlier JDK and JRE versions 5.0 Update 16 and earlier SDK and JRE versions 1.4.2 18 and earlier SDK and JRE versions 1.3.1 23 and earlier
Description The issue allows attackers to write malicious JAR files via unknown vectors due to the creation of temporary files with predictable file names.
Recommendations For Java Runtime Environment (JRE) for Sun JDK and JRE versions 6 Update 10 and earlier, update to a version later than 6 Update 10. For JDK and JRE versions 5.0 Update 16 and earlier, update to a version later than 5.0 Update 16. For SDK and JRE versions 1.4.2 18 and earlier, update to a version later than 1.4.2 18. For SDK and JRE versions 1.3.1 23 and earlier, update to a version later than 1.3.1 23.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CVE-2008-5360
HPSBUX02411
RHSA-2008:1018
RHSA-2008:1025
RHSA-2009:0015
RHSA-2009:0016
RHSA-2009:0445
RHSA-2009:0466

Produtos afetados

Hp-Ux
Jdk
Java Platform
Java Runtime Environment
Sdk