CVE-2008-5349

Advisory lineage Upstream: 0 Downstream: 6

Downstream

RHSA-2008:1018 RHSA-2008:1025 RHSA-2009:0016 RHSA-2009:0466 RHSA-2009:1505 RHSA-2009:1551

Modified

Published: 05 Dec 2008, 11:00

Last modified:07 Aug 2024, 10:49

Vulnerability Summary

Overall Risk (default)

medium

30/100

CVSS Score

7.1 HIGH

v2.0 (nvd)

EPSS Score

7.78% LOW

8% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Dec 2008, 11:00

Published

Vulnerability first disclosed

07 Aug 2024, 10:49

Last Modified

Vulnerability information updated

Description

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key.

CVSS Metrics

v2.0•HIGH•Score: 7.1AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS Trends

Current EPSS score: 7.78%• Percentile: 92%

Affected Systems

sun•jdk
≤ 5.0 | ≤ 6 | 5.0:update_1 | 5.0:update_10 | 5.0:update_11 | 5.0:update_12 | 5.0:update_13 | 5.0:update_14 | 5.0:update_15 | 5.0:update_2 | 5.0:update_3 | 6 | 6:update_1 | 6:update_2 | 6:update_3 | 6:update_4 | 6:update_5 | 6:update_6 | 6:update_7 | 6:update_8
sun•jre
≤ 5.0 | ≤ 6 | 5.0 | 5.0:update_1 | 5.0:update_10 | 5.0:update_11 | 5.0:update_12 | 5.0:update_13 | 5.0:update_14 | 5.0:update_15 | 5.0:update_2 | 6 | 6:update_1 | 6:update_2 | 6:update_3 | 6:update_4 | 6:update_5 | 6:update_6 | 6:update_7 | 6:update_8