CVE-2008-5358

Published Dec 5, 2008

Last updated 7 years ago

CVSS info 9.3

Overview

Description: Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sun:jdk:*:update_10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F52DFA7-EEC1-4B8C-9ADA-0DA3D81E2F8E",
            "versionEndIncluding": "6"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1264A513-5AE3-4F0E-8387-1F75EBAEA241"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C9F6EA8-6A88-4485-89A3-0FDF84AB51DA"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67E0818A-3675-4293-89FE-5001E36C0F38"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95112B98-B6B2-43FA-BF76-F518649CF3BE"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A18341A-3688-48E7-95AD-283EC9C95B4A"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E301C59A-47F5-4861-9091-D0002CBA5B7A"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:update_6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCD4F889-710C-43C5-85DD-70E96F8FE313"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:update_7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED195051-AAC7-4EE1-B936-18D1C8AD2498"
          },
          {
            "criteria": "cpe:2.3:a:sun:jdk:6:update_8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44146DF6-F368-4F17-B379-34194873D80F"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:*:update_10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFC680FA-7FCA-4345-8492-F16C86151DF8",
            "versionEndIncluding": "6"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C502FE9-F61F-4316-AA33-B09FA8BA54DF"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F98D2BD-2AC1-4C4C-8A10-71093DCBC4E5"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDC09958-5286-4C16-AB6F-63B4BDD902B3"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDE1E9E9-85EF-4ACA-902B-00225EB4324F"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0CDBFCB-42EA-4F19-A98D-7696B0D526CB"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53DCFF2A-77A7-41DB-A712-9B6D1FD2574A"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:update_6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82C6F76F-68FD-4794-9182-935D85910C1F"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:update_7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6314C9DF-9421-445D-ABCC-79EDCED23156"
          },
          {
            "criteria": "cpe:2.3:a:sun:jre:6:update_8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "533670FA-B8DC-40B4-ADC1-CCD70E4A43A1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References