PT-2008-6473 · Oracle+1 · Java Runtime Environment+2

Published

2008-12-05

Updated

2018-10-11

CVE-2008-5349

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions 5.0 through 5.0 Update 16 Java Runtime Environment (JRE) versions 6 through 6 Update 10

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by utilizing a crafted RSA public key.

Recommendations For Java Runtime Environment (JRE) versions 5.0 through 5.0 Update 16, update to a version later than 5.0 Update 16. For Java Runtime Environment (JRE) versions 6 through 6 Update 10, update to a version later than 6 Update 10.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2008-5349

HPSBUX02429

RHSA-2008:1018

RHSA-2008:1025

RHSA-2009:0016

RHSA-2009:0466

RHSA-2009:1505

RHSA-2009:1551

Affected Products

Hp-Ux

Java Platform

Java Runtime Environment

PT-2008-6473 · Oracle+1 · Java Runtime Environment+2

CVE-2008-5349

Related Identifiers

Affected Products

References · 50