This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:sun:jdk:5.0:update_4 |
| Detail | |||
|---|---|---|---|
| Vendor | Sun | First view | 2008-03-06 |
| Product | Jdk | Last view | 2009-08-06 |
| Version | 5.0 | Type | Application |
| Edition | |||
| Language | |||
| Update | update_4 | ||
| CPE Product | cpe:/a:sun:jdk | ||
Activity : Yearly
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 5 | 2009-08-06 | CVE-2009-2625 | Network | Low | None Requ... | |
| 10 | 2009-08-05 | CVE-2009-2675 | Network | Low | None Requ... | |
| 7.5 | 2009-08-05 | CVE-2009-2673 | Network | Low | None Requ... | |
| 7.5 | 2009-08-05 | CVE-2009-2672 | Network | Low | None Requ... | |
| 5 | 2009-08-05 | CVE-2009-2671 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 5 | 2009-08-05 | CVE-2009-2670 | Network | Low | None Requ... | |
| 6.4 | 2008-12-05 | CVE-2008-5360 | Network | Low | None Requ... | |
| 9.3 | 2008-12-05 | CVE-2008-5359 | Network | Medium | None Requ... | |
| 9.3 | 2008-12-05 | CVE-2008-5357 | Network | Medium | None Requ... | |
| 9.3 | 2008-12-05 | CVE-2008-5356 | Network | Medium | None Requ... | |
| 10 | 2008-12-05 | CVE-2008-5355 | Network | Low | None Requ... | |
| 9.3 | 2008-12-05 | CVE-2008-5354 | Network | Medium | None Requ... | |
| 10 | 2008-12-05 | CVE-2008-5353 | Network | Low | None Requ... | |
| 7.5 | 2008-12-05 | CVE-2008-5351 | Network | Low | None Requ... | |
| 5 | 2008-12-05 | CVE-2008-5350 | Network | Low | None Requ... | |
| 7.1 | 2008-12-05 | CVE-2008-5348 | Network | Medium | None Requ... | |
| 7.1 | 2008-12-05 | CVE-2008-5346 | Network | Medium | None Requ... | |
| 7.5 | 2008-12-05 | CVE-2008-5345 | Network | Low | None Requ... | |
| 7.5 | 2008-12-05 | CVE-2008-5344 | Network | Low | None Requ... | |
| 9 | 2008-12-05 | CVE-2008-5343 | Network | Low | None Requ... | |
| 5 | 2008-12-05 | CVE-2008-5342 | Network | Low | None Requ... | |
| 5 | 2008-12-05 | CVE-2008-5341 | Network | Low | None Requ... | |
| 10 | 2008-12-05 | CVE-2008-5340 | Network | Low | None Requ... | |
| 5 | 2008-12-05 | CVE-2008-5339 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (14) | CWE-264 | Permissions, Privileges, and Access Controls |
| 17% (5) | CWE-200 | Information Exposure |
| 17% (5) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 3% (1) | CWE-287 | Improper Authentication |
| 3% (1) | CWE-189 | Numeric Errors |
| % | id | Name |
|---|---|---|
| 3% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 3% (1) | CWE-20 | Improper Input Validation |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:10278 | Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Upd... |
| oval:org.mitre.oval:def:5601 | Java Web Start Bugs Let Remote Users Read/Write Files, Execute Arbitrary Code... |
| oval:org.mitre.oval:def:10920 | Unspecified vulnerability in the Java Management Extensions (JMX) management ... |
| oval:org.mitre.oval:def:9565 | Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in... |
| oval:org.mitre.oval:def:10866 | Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JR... |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:10219 | Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environm... |
| oval:org.mitre.oval:def:10541 | Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Updat... |
| oval:org.mitre.oval:def:11102 | Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 befo... |
| oval:org.mitre.oval:def:10454 | Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Upd... |
| oval:org.mitre.oval:def:9755 | Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Updat... |
| oval:org.mitre.oval:def:6409 | Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allo... |
| oval:org.mitre.oval:def:6627 | Sun Java Multiple Code Execution and Security Bypass Vulnerabilities |
| oval:org.mitre.oval:def:6529 | Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and ... |
| oval:org.mitre.oval:def:6359 | Unspecified vunerability in the BasicService for Java Web Start (JWS) and Jav... |
| oval:org.mitre.oval:def:5924 | Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability |
| oval:org.mitre.oval:def:6249 | Sun Java Web Start and Java Plug-in applet class security bypass |
| oval:org.mitre.oval:def:6059 | Sun Java Runtime Environment (JRE) Lets Remote Users Access 'localhost' |
| oval:org.mitre.oval:def:6629 | Sun Java Runtime Environment zip File Processing Bug Lets Remote Users Read M... |
| oval:org.mitre.oval:def:6549 | Sun Java Runtime Environment and Java Development Kit Multiple Security Vulne... |
| oval:org.mitre.oval:def:6424 | Sun Java Runtime Environment Lets Remote Users View Directory Contents |
| oval:org.mitre.oval:def:6212 | Java Runtime Environment UTF-8 Decoding Bug May Let Users Bypass Access Restr... |
| oval:org.mitre.oval:def:6511 | Sun Java Runtime Environment 'Calendar.readObject' Bug Lets Remote Applets Ga... |
| oval:org.mitre.oval:def:6537 | Sun Java Runtime Environment JAR Main-Class manifest entry buffer overflow |
| oval:org.mitre.oval:def:5664 | Sun Java Runtime Environment Java Update Fails to Validate Digital Signatures |
| oval:org.mitre.oval:def:6494 | Sun Java Runtime Environment TrueType font buffer overflow |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 56984 | Apache Xerces2 Java Malformed XML Input DoS |
| 56788 | Sun Java JDK / JRE Audio System Unauthorized java.lang.System Properties Access |
| 56786 | Sun Java JDK / JRE Pack200 JAR File Decoding Inner Class Count Overflow |
| 56785 | Sun Java JDK / JRE Proxy Mechanism Implementation Arbitrary Host Connection |
| 56784 | Sun Java JDK / JRE Proxy Mechanism Implementation Unauthorized Browser Cookie... |
| id | Description |
|---|---|
| 56783 | Sun Java JDK / JRE SOCKS Proxy Implementation Applet Process Owner Disclosure |
| 50517 | Sun Java JDK / JRE TrueType Font Processing Integer Overflow |
| 50516 | Sun Java JDK / JRE TrueType Font Processing Heap Overflow |
| 50514 | Sun Java JDK / JRE Java Web Start BasicService Arbitrary File Access |
| 50513 | Sun Java JDK / JRE Applet Classloading Privilege Escalation |
| 50512 | Sun Java JDK / JRE Jave Web Start / Plug-in HTTP Session Hijacking |
| 50511 | Sun Java JDK / JRE Java Web Start SingleInstanceImpl Class SI_FILEDIR Propert... |
| 50510 | Sun Java JDK / JRE Java Web Start (JWS) JNLP File System Properties Override ... |
| 50509 | Sun Java JDK / JRE Java Web Start Application file: Protocol Arbitrary File A... |
| 50508 | Sun Java JRE LocalHost Network Access Restriction Bypass |
| 50507 | Sun Java JDK / JRE ZIP File Parsing Arbitrary Memory Disclosure |
| 50505 | Sun Java JDK / JRE Kerberos Authentication Unspecified Remote DoS |
| 50503 | Sun Java JDK / JRE Untrusted Applet User Home Directory Content Listing |
| 50502 | Sun Java JDK / JRE UTF-8 Decoder Non-shortest Form Sequence Handling Weakness |
| 50500 | Sun Java JDK / JRE Deserializing Calendar Object Privilege Escalation |
| 50499 | Sun Java JDK / JRE Command Line Application Overflow |
| 50498 | Sun Java JDK / JRE Java Update Mechanism Digital Signature Verification Weakness |
| 50497 | Sun Java JDK / JRE Java Web Start Application JNLP File Handling Socket Restr... |
| 50496 | Sun Java JDK / JRE Java AWT Library ConvolveOp Operation Image Handling Overflow |
| 50495 | Sun Java JDK / JRE Environment Temporary File Name Prediction Weakness |
ExploitDB Exploits
| id | Description |
|---|---|
| 16302 | Signed Applet Social Engineering Code Exec |
| 16293 | Sun Java Calendar Deserialization Exploit |
| 9948 | Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserialization ... |
| 8753 | Mac OS X Java applet Remote Deserialization Remote PoC (updated) |
Metasploit Exploits
| id | Description |
|---|---|
| 2008-12-03 | Sun Java Calendar Deserialization Privilege Escalation |
