Bug 431861 - (CVE-2008-0657) CVE-2008-0657 java-1.5.0 Privilege escalation via unstrusted applet and application
CVE-2008-0657 java-1.5.0 Privilege escalation via unstrusted applet and appli...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
http://sunsolve.sun.com/search/docume...
impact=important,source=sunsolve,repo...
: Security
Depends On: 431999 432000 435710 435711 439176 439177 455574 455726
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-07 09:32 EST by Marc Schoenefeld
Modified: 2011-09-29 21:10 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-09-29 21:10:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marc Schoenefeld 2008-02-07 09:32:03 EST
Sun disclosed these vulnerability details in 
http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 : 

Two vulnerabilities in the Java Runtime Environment may independently allow an
untrusted application or applet that is downloaded from a website to elevate its
privileges. For example, the application or applet may grant itself permissions
to read and write local files or execute local applications that are accessible
to the user running the untrusted application or applet.
Comment 1 Marc Schoenefeld 2008-02-07 09:35:05 EST
Affected: 

* JDK and JRE 6 Update 1 or earlier 
* JDK and JRE 5.0 Update 13 or earlier (



Note You need to log in before you can comment on or make changes to this bug.