PT-2008-2780 · Sun · Sun Java Runtime Environment+1

Published

2008-03-06

Updated

2017-09-29

CVE-2008-1187

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Sun Java Runtime Environment (JRE) and JDK versions 6 Update 4 and earlier Sun Java Runtime Environment (JRE) and JDK versions 5.0 Update 14 and earlier Sun Java Runtime Environment (JRE) and JDK versions 1.4.2 16 and earlier

Description The issue allows remote attackers to cause a denial of service, potentially leading to a crash, and may also enable the execution of arbitrary code. This is related to XSLT transforms, but the specific vectors are unknown.

Recommendations For versions 6 Update 4 and earlier, update to a version later than Update 4 to resolve the issue. For versions 5.0 Update 14 and earlier, update to a version later than Update 14 to resolve the issue. For versions 1.4.2 16 and earlier, update to a version later than 1.4.2 16 to resolve the issue.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2008-1187

RHSA-2008:0186

RHSA-2008:0210

RHSA-2008:0243

RHSA-2008:0244

RHSA-2008:0245

RHSA-2008:0267

RHSA-2008:0555

RHSA-2008:0638

Affected Products

Jdk

Sun Java Runtime Environment

PT-2008-2780 · Sun · Sun Java Runtime Environment+1

CVE-2008-1187

Weakness Enumeration

Related Identifiers

Affected Products

References · 47