OSVDB ID: 50506

Title: Sun Java JDK / JRE JAX-WS / JAXB Packages Internal Classes Applet Privilege Escalation

Info

Disclosure

Dec 03, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Impact: Loss of Integrity
Solution: Upgrade
Disclosure: Vendor Verified

Solution

Upgrade to version JDK/JRE 5.0 Update 17, JDK/JRE 6 Update 11, SDK/JRE 1.4.2_19, SDK/JRE 1.3.1_24 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

CVE ID: 2008-5347 (see also: NVD)
Secunia Advisory ID: 32991 33015 33056 33457 33528 33709 34233 34259 37386 38539
Related OSVDB ID: 50495 50496 50497 50498 50499 50500 50501 50502 50503 50504 50505 50507 50508
Keyword: c02000725, HPSBMA02486, SSRT090049
Vendor Specific Advisory URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02000725
http://sunsolve.sun.com/search/document.do?assetkey=1-66-246366-1
http://www.gentoo.org/security/en/glsa/glsa-200911-02.xml
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01683026
Vendor Specific News/Changelog Entry: http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
https://lists.ubuntu.com/archives/ubuntu-security-announce/2009-January/000832.html
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00384.html
RedHat RHSA: https://rhn.redhat.com/errata/RHSA-2008-1018.html
https://rhn.redhat.com/errata/RHSA-2008-1025.html
https://rhn.redhat.com/errata/RHSA-2009-0015.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/50506