CVE-2008-5353 – Signed Applet Social Engineering - Code Execution
https://notcve.org/view.php?id=CVE-2008-5353
The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by "deserializing Calendar objects". Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Sun JDK y JRE v6 Update 10 y anteriores; JDK y JRE v5.0 Update 16 y anteriores; y en SDK y JRE v1.4.2_18 y anteriores permite a applets y aplicaciones no confiables obtener privilegios mediante vectores desconocidos relacionados con la "segregación información de objetos de calendario". • https://www.exploit-db.com/exploits/16302 https://www.exploit-db.com/exploits/16293 https://www.exploit-db.com/exploits/9948 https://www.exploit-db.com/exploits/8753 http://blog.cr0.org/2009/05/write-once-own-everyone.html http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html http://lists.opensuse.org/opensuse-sec •
CVE-2008-5351 – OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)
https://notcve.org/view.php?id=CVE-2008-5351
Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other applications that rely on shortest-form UTF-8 encodings. Java Runtime Environment (JRE) en Sun JDK y JRE v6 Update 10 y anteriores; JDK y JRE v5.0 Update 16 y anteriores; y en SDK y JRE v1.4.2_18 y anteriores acepta códigos UTF-8 que no están en la forma "corta", facilitando a los atacantes la evasión de los mecanismos de protección de otras aplicaciones que confían en la codificación UTF-8 en forma corta. • http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://marc.info/?l=bugtraq&m=123678756409861&w=2 http://marc.info/?l=bugtraq&m=126583436323697&w=2 http://osvdb.org/50502 http://rhn.redhat.com/errata/RHSA-2008-1018.html http://rh • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-5349 – OpenJDK RSA public key length denial-of-service (6497740)
https://notcve.org/view.php?id=CVE-2008-5349
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key. Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Sun JDK y JRE v6 Update 10 y anteriores, y en JDK y JRE v5.0 Update 16 y anteriores, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante una clave pública RSA modificada. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://osvdb.org/50504 http://rhn.redhat.com/errata/RHSA-2008-1018.html http://rhn.redhat.com/errata/RHSA-2008-1025.html http://secunia.com/advisories/32991 http://sec •
CVE-2008-5352 – OpenJDK Jar200 Decompression buffer overflow (6755943)
https://notcve.org/view.php?id=CVE-2008-5352
Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow. Desbordamiento de entero en la utilidad de desempaquetado JAR (unpack200) en la biblioteca de desempaquetar (unpack.dll) en Java Runtime Environment (JRE) en Sun JDK y JRE v6 Update 10 y anteriores, y en JDK y JRE v5.0 Update 16 y anteriores, permite a applets y aplicaciones no confiables obtener privilegios mediante un fichero JAR comprimido con Pack200 provocando un desbordamiento de búfer basado en pila. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=759 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html http://osvdb.org/50501 http://rhn.redhat.com/errata/RHSA-2008-1018.html http://rhn.redhat.com/errata/RHSA-2008-1025.html http://secunia.com/advisories/32991 http://secunia.com/advisories/33015 http://secunia.com/advisories/33528 http://secunia.com/advisories/3370 • CWE-189: Numeric Errors •
CVE-2008-5346 – JRE allows unauthorized memory read access via a crafted ZIP file
https://notcve.org/view.php?id=CVE-2008-5346
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file. Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Sun JDK y JRE v5.0 Update 16 y anteriores; en SDK y JRE v1.4.2_18 y anteriores; y en SDK y JRE v1.3.1_23 y anteriores permite a applets y aplicaciones no confiables leer zonas de memoria de su elección utilizando un fichero ZIP modificado. • http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://osvdb.org/50507 http://rhn.redhat.com/errata/RHSA-2008-1025.html http://secunia.com/advisories/32991 http://secunia.com/advisories/33015 http://secunia.com/advisories/33710 http://secunia.com/advisories/34605 http://secunia.com/advisories/34889 http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •