Oval Definition:oval:org.opensuse.security:def:20085353
Revision Date:2022-05-20Version:1
Title:CVE-2008-5353
Description:

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by "deserializing Calendar objects".
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-5353
Mitre CVE-2008-5353
SUSE CVE-2008-5353
SUSE-SA:2009:001
SUSE-SA:2009:001
SUSE-SA:2009:007
SUSE-SA:2009:007
SUSE-SA:2009:018
SUSE-SA:2009:018
SUSE-SR:2009:006
SUSE-SR:2009:006
SUSE-SR:2009:010
SUSE-SR:2009:010
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
sles10-ltss.i386
sles10-ltss.s390x
sles10-ltss.x86_64
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • Release Information
  • sles10-ltss is installed
  • AND
  • java-1_4_2-ibm-devel less than 1.4.2_sr13-0.2.2
  • OR java-1_4_2-ibm-jdbc less than 1.4.2_sr13-0.2.2
  • OR java-1_4_2-ibm-plugin less than 1.4.2_sr13-0.2.2
  • OR java-1_4_2-ibm less than 1.4.2_sr13-0.2.2
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • java-1_4_2-ibm-devel less than 1.4.2_sr13-0.4
  • OR java-1_4_2-ibm-jdbc less than 1.4.2_sr13-0.4
  • OR java-1_4_2-ibm-plugin less than 1.4.2_sr13-0.4
  • OR java-1_4_2-ibm less than 1.4.2_sr13-0.4
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • java-1_4_2-ibm-1.4.2_sr13-0.1 is installed
  • OR java-1_4_2-ibm-jdbc-1.4.2_sr13-0.1 is installed
  • OR java-1_4_2-ibm-plugin-1.4.2_sr13-0.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • java-1_4_2-ibm-1.4.2_sr13-0.1.1 is installed
  • OR java-1_4_2-ibm-jdbc-1.4.2_sr13-0.1.1 is installed
  • OR java-1_4_2-ibm-plugin-1.4.2_sr13-0.1.1 is installed
    • BACK