Info

Disclosure

Dec 03, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Impact: Loss of Confidentiality
Solution: Upgrade
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version JDK/JRE 5.0 Update 17, JDK/JRE 6 Update 11, SDK/JRE 1.4.2_19, SDK/JRE 1.3.1_24 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

CVE ID: 2008-5342 (see also: NVD)
Secunia Advisory ID: 32991 33015 33457 33536 33710 33935 34233 34447 34605 34889 35065 37386 38539
Related OSVDB ID: 50495 50496 50497 50498 50499 50500 50501 50502 50503 50504 50505 50506 50507 50508 50509 50510 50511 50512 50513
Keyword: c02000725, HPSBMA02486, SSRT090049
Vendor Specific Advisory URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02000725
http://sunsolve.sun.com/search/document.do?assetkey=1-66-244988-1
http://www.gentoo.org/security/en/glsa/glsa-200911-02.xml
http://www.novell.com/linux/security/advisories/2009_18_ibmjava.html
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01683026
Vendor Specific News/Changelog Entry: http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
Vendor Specific Solution URL: http://support.apple.com/downloads/DL776/JavaForMacOSX10.4Release8.dmg
http://support.apple.com/downloads/DL784/JavaForMacOSX10.5Update3.dmg
RedHat RHSA: https://rhn.redhat.com/errata/RHSA-2008-1018.html
https://rhn.redhat.com/errata/RHSA-2008-1025.html
https://rhn.redhat.com/errata/RHSA-2009-0016.html
https://rhn.redhat.com/errata/RHSA-2009-0369.html
https://rhn.redhat.com/errata/RHSA-2009-0445.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/50514