CVE-2008-5357 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-5357
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-5357

Description: Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/47050 SUSE http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1 SAID Secunia Advisory: SA33710 Secunia Advisory: SA32991 Secunia Advisory: SA34972 Secunia Advisory: SA35065 Secunia Advisory: SA34605 Secunia Advisory: SA34447 Secunia Advisory: SA34259 Secunia Advisory: SA34233 Secunia Advisory: SA33015 Secunia Advisory: SA33187 REDHAT http://www.redhat.com/support/errata/RHSA-2009-0016.html http://www.redhat.com/support/errata/RHSA-2009-0369.html http://rhn.redhat.com/errata/RHSA-2008-1025.html http://rhn.redhat.com/errata/RHSA-2008-1018.html OSVDB 50517 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=760 HP http://marc.info/?l=bugtraq&m=123678756409861&w=2 GENTOO http://security.gentoo.org/glsa/glsa-200911-02.xml CONFIRM http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid= http://support.avaya.com/elmodocs2/security/ASA-2008-485.htm CERT http://www.us-cert.gov/cas/techalerts/TA08-340A.html BID 32608

Return to the previous page.