Vulnerability Description
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Jdk | <= 5.0 |
| Sun | Jre | <= 1.4.2_14 |
| Sun | Sdk | <= 1.4.2_16 |
Related Weaknesses (CWE)
References
- http://dev2dev.bea.com/pub/advisory/277
- http://download.novell.com/Download?buildid=q5exhSqeBjA~Patch
- http://jvn.jp/en/jp/JVN04032535/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html
- http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
- http://secunia.com/advisories/29239Vendor Advisory
- http://secunia.com/advisories/29273Vendor Advisory
- http://secunia.com/advisories/29498Vendor Advisory
- http://secunia.com/advisories/29582Vendor Advisory
- http://secunia.com/advisories/29841Vendor Advisory
- http://secunia.com/advisories/29858Vendor Advisory
- http://secunia.com/advisories/29897Vendor Advisory
- http://secunia.com/advisories/29999Vendor Advisory
FAQ
What is CVE-2008-1187?
CVE-2008-1187 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of...
How severe is CVE-2008-1187?
CVE-2008-1187 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1187?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Jdk, Sun Jre, Sun Sdk.