exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2008-5353

Status Candidate

Overview

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by "deserializing Calendar objects".

Related Files

HP Security Bulletin HPSBMA02486 SSRT090049
Posted Feb 10, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with the Java Runtime Environment (JRE) and Java Developer Kit (JDK) delivered with HP OpenView Network Node Manager (OV NNM). These vulnerabilities may allow remote unauthorized access, privilege escalation, execution of arbitrary code, and creation of a Denial of Service (DoS) .

tags | advisory, java, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2008-2086, CVE-2008-5339, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342, CVE-2008-5343, CVE-2008-5344, CVE-2008-5345, CVE-2008-5347, CVE-2008-5348, CVE-2008-5350, CVE-2008-5351, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359
SHA-256 | d609c2737ba3ee1e6d4dc412f6776d14c47fbc01f340bfebad40833c6310c6fa
Sun Java Calendar Deserialization
Posted Oct 27, 2009
Authored by H D Moore, sf | Site metasploit.com

This Metasploit module exploits a flaw in the deserialization of Calendar objects in the Sun JVM. The payload can be either a native payload which is generated as an executable and dropped/executed on the target or a shell from within the Java applet in the target browser. The effected Java versions are JDK and JRE 6 Update 10 and earlier, JDK and JRE 5.0 Update 16 and earlier, SDK and JRE 1.4.2_18 and earlier (SDK and JRE 1.3.1 are not affected).

tags | exploit, java, shell
advisories | CVE-2008-5353
SHA-256 | c3a3d070353114691fd1636dc19113fd8a51770f2e7febb5144445c81db0b5e4
OS X Java Hardening
Posted May 27, 2009
Authored by Marc Schoenefeld

Quick write up discussing how you can harden OS X to protect yourself from the recent Java vulnerability.

tags | paper, java
systems | apple, osx
advisories | CVE-2008-5353
SHA-256 | 36bfdf78c6bf5ae2dde784a8130e4b9a24a88e86824fa590483c0cd9490d32e0
Mac OS X Java Applet Proof Of Concept
Posted May 21, 2009
Authored by Landon Fuller | Site landonf.bikemonkey.org

Mac OS X suffers from a remote command execution vulnerability via a Java applet.

tags | advisory, java, remote
systems | apple, osx
advisories | CVE-2008-5353
SHA-256 | 4580f65cf3091c4fed50937033db47032e395802553bcaaa6d9bb2f59ef1002a
HP Security Bulletin HPSBUX02411 SSRT080111
Posted Mar 11, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote unauthorized access, privilege escalation, execution of arbitrary code, and creation of a Denial of Service (DoS).

tags | advisory, java, remote, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2008-2086, CVE-2008-5339, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342, CVE-2008-5343, CVE-2008-5344, CVE-2008-5345, CVE-2008-5347, CVE-2008-5348, CVE-2008-5350, CVE-2008-5351, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359
SHA-256 | b28318bad3009da063e0f7190123288b83dd2480b1134e61caefa149bf6cab47
Ubuntu Security Notice 713-1
Posted Jan 28, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-713-1 - Eleven vulnerabilities have been addressed in the openjdk-6 package on Ubuntu.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-5347, CVE-2008-5348, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352, CVE-2008-5353, CVE-2008-5354, CVE-2008-5358, CVE-2008-5359, CVE-2008-5360, CVE-2008-5349
SHA-256 | c5eef1cafb7cff5db2f51ef30df3599561ec0ba3321a4d874f5a488e23ce961c
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close