Java Runtime Environment Vulnerability in Sun JDK and JRE Products
CVE-2008-5355

Currently unrated

Key Information:

Vendor

Oracle
Status
Jdk
Jre
Sdk
Vendor
CVE Published:
5 December 2008

What is CVE-2008-5355?

The Java Update feature in various versions of the Java Runtime Environment fails to verify the signature of downloaded JREs. This flaw enables remote attackers to exploit DNS man-in-the-middle attacks, potentially executing arbitrary code on affected systems. Users are advised to ensure they are running the latest versions and apply updates promptly to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1021315
vdb-entryx_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://security.gentoo.org/glsa/glsa-200911-02.xml
vendor-advisoryx_refsource_GENTOO

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.