Release DateMay 29, 2009 |
Severitycritical |
ImpactPrivilege escalation: Remote attackers can leverage their privilege on vulnerable systems. |
DescriptionThis indicates an attack attempt against a privilege-escalation vulnerability in the Jave Runtime Environment (JRE).The vulnerability is caused by an error when the affected software handles processes related to deserializing calendar objects. It allows a remote attacker to escalate privileges such as reading, writing and running local files or applications. |
Affected ProductsJRE for Sun JDK and JRE 6 Update 10 and earlierJDK and JRE 5.0 Update 16 and earlier JRE 1.4.2_18 and earlier |
Recommended ActionsApply the latest update from the vendor:http://sunsolve.sun.com/search/document.do?assetkey=1-66-244991-1 |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-5353 |
Reference/shttp://www.securityfocus.com/bid/32608 (BugTraq)http://www.us-cert.gov/cas/techalerts/TA08-340A.html http://sunsolve.sun.com/search/document.do?assetkey=1-66-244991-1 |
