Heap-based Buffer Overflow in Java Runtime Environment by Sun Microsystems
CVE-2008-5356

Currently unrated

Key Information:

Vendor

Oracle
Status
Jdk
Jre
Sdk
Vendor
CVE Published:
5 December 2008

What is CVE-2008-5356?

The Java Runtime Environment (JRE) from Sun Microsystems is susceptible to a heap-based buffer overflow vulnerability that can be exploited by attackers through a maliciously crafted TrueType font file. This vulnerability affects several versions of JRE and may allow unauthorized access to execute arbitrary code on the affected systems, increasing the risk of further exploitation and damaging attacks.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...
vendor-advisoryx_refsource_SUNALERT
http://marc.info/?l=bugtraq&m=126583436323697&w=2
vendor-advisoryx_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2009...
vendor-advisoryx_refsource_SUSE

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.