← Back

CVE-2008-5352

nvd nist
Published: Dec 5, 2008Modified: Apr 23, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow.

Affected (40)

Products: Sun: Jdk, Jre
Sun
2 products
Jdk
Jre
Configuration A
40 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Jdk
Up to 6
Jdk
Up to 5.0
Jdk
Version 5.0 update_10
Jdk
Version 5.0 update_11
Jdk
Version 5.0 update_12
Jdk
Version 5.0 update_13
Jdk
Version 5.0 update_14
Jdk
Version 5.0 update_15
Jdk
Version 5.0 update_1
Jdk
Version 5.0 update_2
Jdk
Version 5.0 update_3
Jdk
Version 6
Jdk
Version 6 update_1
Jdk
Version 6 update_2
Jdk
Version 6 update_3
Jdk
Version 6 update_4
Jdk
Version 6 update_5
Jdk
Version 6 update_6
Jdk
Version 6 update_7
Jdk
Version 6 update_8
Sun
Jre
Up to 6
Jre
Up to 5.0
Jre
Version 5.0
Jre
Version 5.0 update_10
Jre
Version 5.0 update_11
Jre
Version 5.0 update_12
Jre
Version 5.0 update_13
Jre
Version 5.0 update_14
Jre
Version 5.0 update_15
Jre
Version 5.0 update_1
Jre
Version 5.0 update_2
Jre
Version 6
Jre
Version 6 update_1
Jre
Version 6 update_2
Jre
Version 6 update_3
Jre
Version 6 update_4
Jre
Version 6 update_5
Jre
Version 6 update_6
Jre
Version 6 update_7
Jre
Version 6 update_8

Related CWEs

CWE-189
CWE-189

References (54)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
US Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.