Stack-based Buffer Overflow in Java Runtime Environment for Sun JDK and JRE
CVE-2008-5354
Currently unrated
Summary
A stack-based buffer overflow exists in the Java Runtime Environment (JRE) for Sun's Java Development Kit (JDK) and JRE versions up to 6 Update 10, as well as for earlier versions of JDK and JRE 5.0 and SDK and JRE 1.4.2. The vulnerability may allow untrusted Java applications, whether launched locally or remotely, to execute arbitrary code. The overflow is triggered when a JAR file contains an excessively long Main-Class manifest entry.
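A triage check for the condition described in the summary, added here as an example and not taken from the advisory or from Sun: it reads a JAR's META-INF/MANIFEST.MF, joins the wrapped continuation lines, and flags a Main-Class value longer than a limit. The 256-byte limit, the function names and the sample builder are assumptions; the advisory does not state the size of the affected buffer.

```python
import io
import re
import zipfile

# Assumed triage threshold in bytes (not from the advisory); real class names are far shorter.
MAX_MAIN_CLASS_LEN = 256

def manifest_attributes(raw: bytes) -> dict:
    """Parse the main section of MANIFEST.MF, joining wrapped continuation lines."""
    attrs, name = {}, None
    for line in re.split(rb"\r\n|\r|\n", raw):
        if line == b"":
            break                              # blank line ends the main section
        if line.startswith(b" ") and name is not None:
            attrs[name] += line[1:]            # continuation: one leading space
        elif b":" in line:
            key, _, value = line.partition(b":")
            name = key.strip().lower()         # attribute names are case-insensitive
            attrs[name] = value.lstrip(b" ")
    return attrs

def check_jar(data: bytes, limit: int = MAX_MAIN_CLASS_LEN):
    """Return (verdict, byte_length) for the Main-Class entry of a JAR given as bytes."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as jar:
            names = {n.upper(): n for n in jar.namelist()}
            entry = names.get("META-INF/MANIFEST.MF")
            if entry is None:
                return ("no-manifest", 0)
            raw = jar.read(entry)
    except zipfile.BadZipFile:
        return ("not-a-jar", 0)
    main_class = manifest_attributes(raw).get(b"main-class")
    if main_class is None:
        return ("no-main-class", 0)
    size = len(main_class.strip())
    return ("suspicious" if size > limit else "ok", size)

def build_jar(main_class: str) -> bytes:
    """Constructed sample: in-memory JAR whose manifest wraps lines at 72 bytes."""
    line = "Main-Class: " + main_class
    wrapped = line[:72] + "".join("\r\n " + line[i:i + 71] for i in range(72, len(line), 71))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\r\n" + wrapped + "\r\n\r\n")
    return buf.getvalue()
```

Measuring the value after joining continuation lines matters because a manifest writer wraps long values at 72 bytes, so no single physical line in the file looks oversized.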
EPSS Score
18% chance of being exploited in the next 30 days.