Rapid7 Vulnerability & Exploit Database

SUSE-SA:2008:025: IBM Java

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

SUSE-SA:2008:025: IBM Java

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

04/25/2008

Created

07/25/2018

Added

05/21/2008

Modified

11/18/2015

Description

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Solution(s)

References

https://attackerkb.com/topics/cve-2007-3698
APPLE-SA-2007-12-14
APPLE-SA-2008-09-24
24846
25340
25918
25920
27650
28125
TA08-066A
TA08-087A
223028
336105
CVE - 2007-3698
CVE - 2007-4381
CVE - 2007-5232
CVE - 2007-5236
CVE - 2007-5238
CVE - 2007-5239
CVE - 2007-5240
CVE - 2007-5273
CVE - 2007-5274
CVE - 2008-0657
CVE - 2008-1187
CVE - 2008-1188
CVE - 2008-1189
CVE - 2008-1190
CVE - 2008-1192
CVE - 2008-1193
CVE - 2008-1194
CVE - 2008-1195
CVE - 2008-1196
36663
45527
OVAL10278
OVAL10290
OVAL10340
OVAL10412
OVAL10634
OVAL10783
OVAL10908
OVAL11209
OVAL11409
OVAL11505
OVAL11592
OVAL11813
OVAL6115
OVAL8758
OVAL9331
OVAL9486
OVAL9542
OVAL9582
OVAL9914
RHSA-2007:0818
RHSA-2007:0956
RHSA-2007:0963
RHSA-2007:1041
RHSA-2007:1086
RHSA-2008:0100
RHSA-2008:0123
RHSA-2008:0132
RHSA-2008:0156
RHSA-2008:0186
RHSA-2008:0210
RHSA-2008:0243
RHSA-2008:0244
RHSA-2008:0245
RHSA-2008:0267
RHSA-2008:0555
SUSE-SA:2007:055
SUSE-SA:2008:018
SUSE-SA:2008:019
SUSE-SA:2008:025
http://conference.hitb.org/hitbsecconf2007kl/?page_id=148
http://conference.hitb.org/hitbsecconf2007kl/materials/D2T1%20-%20Billy%20Rios%20-%20Slipping%20Past%20the%20Firewall.pdf
http://crypto.stanford.edu/dns/dns-rebinding.pdf
http://docs.info.apple.com/article.html?artnum=307177
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450
http://seclists.org/fulldisclosure/2007/Jul/0159.html
http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128
http://www.cisco.com/en/US/products/products_security_response09186a008088bd19.html
http://www.cisco.com/warp/public/707/cisco-sr-20070725-jsse.shtml
http://www.frsirt.com/english/advisories/2007/2495
http://www.frsirt.com/english/advisories/2007/2660
http://www.frsirt.com/english/advisories/2007/2910
http://www.frsirt.com/english/advisories/2007/3009
http://www.frsirt.com/english/advisories/2007/3861
http://www.frsirt.com/english/advisories/2007/3895
http://www.frsirt.com/english/advisories/2007/4224
http://www.frsirt.com/english/advisories/2008/0429
http://www.frsirt.com/english/advisories/2008/0609
http://www.frsirt.com/english/advisories/2008/0770/references
http://www.frsirt.com/english/advisories/2008/0998/references
http://www.frsirt.com/english/advisories/2008/1252
http://www.mandriva.com/security/advisories?name=MDVSA-2008:080
http://www.mozilla.org/security/announce/2008/mfsa2008-18.html
http://www.novell.com/linux/security/advisories/2008_25_ibmjava.html
http://www.securityfocus.com/archive/1/archive/1/482926/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/490196/100/0/threaded
http://www.ubuntu.com/usn/usn-592-1
35333
36061
36941
36942
36946
36950
41025
41026
41028
41029
41030
41031
41132
41133
41135

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;