| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 1.5 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Sun Java JRE and JDK and classified as critical. This vulnerability affects unknown code of the component Raw Socket Handler. Such manipulation leads to privileges management. This vulnerability is traded as CVE-2008-1194. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.
Details
A vulnerability was found in Sun Java JRE and JDK (Programming Language Software) (the affected version is unknown). It has been rated as problematic. Affected by this issue is an unknown code of the component Raw Socket Handler. The manipulation with an unknown input leads to a privileges management vulnerability. Using CWE to declare the problem leads to CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. The impact remains unknown. CVE summarizes:
Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.
The weakness was shared 03/05/2008 by Gregory Fleischer (Website). The advisory is shared for download at java.sun.com. This vulnerability is handled as CVE-2008-1194 since 03/06/2008. The attack may be launched remotely. A simple authentication is needed for exploitation. There are neither technical details nor an exploit publicly available. The MITRE ATT&CK project declares the attack technique as T1068.
It is declared as proof-of-concept. As 0-day the estimated underground price was around $5k-$25k. The vulnerability scanner Nessus provides a plugin with the ID 32013 (GLSA-200804-20 : Sun JDK/JRE: Multiple vulnerabilities), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Gentoo Local Security Checks. The commercial vulnerability scanner Qualys is able to test this issue with plugin 165677 (SUSE Enterprise Linux Security Update Sun Java (SUSE-SA:2008:018)).
Upgrading eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at java.sun.com. The best possible mitigation is suggested to be upgrading to the latest version. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 5622.
The vulnerability is also documented in the databases at X-Force (41132), Tenable (32013), SecurityFocus (BID 28083†), OSVDB (42599†) and Secunia (SA29239†). The entries VDB-3639, VDB-3636, VDB-3640 and VDB-3645 are related to this item. Once again VulDB remains the best source for vulnerability data.
Product
Type
Vendor
Name
License
Website
- Vendor: https://www.oracle.com/sun/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 1.7VulDB Meta Temp Score: 1.5
VulDB Base Score: 1.7
VulDB Temp Score: 1.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Privileges managementCWE: CWE-269 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 32013
Nessus Name: GLSA-200804-20 : Sun JDK/JRE: Multiple vulnerabilities
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 850018
OpenVAS Name: SurgeMail SurgeWeb Cross Site Scripting Vulnerability
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Patch: java.sun.com
TippingPoint: 🔍
Timeline
03/03/2008 🔍03/05/2008 🔍
03/05/2008 🔍
03/06/2008 🔍
03/06/2008 🔍
03/06/2008 🔍
03/06/2008 🔍
03/09/2008 🔍
03/18/2008 🔍
03/16/2021 🔍
Sources
Vendor: oracle.comAdvisory: java.sun.com⛔
Researcher: Gregory Fleischer
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2008-1194 (🔍)
GCVE (CVE): GCVE-0-2008-1194
GCVE (VulDB): GCVE-100-3644
OVAL: 🔍
X-Force: 41132 - Sun Java Runtime Environment and JDK color management library unspecified denial of service, Medium Risk
SecurityFocus: 28083 - Sun Java SE Multiple Security Vulnerabilities
Secunia: 29239 - Sun Java JDK / JRE Multiple Vulnerabilities, Highly Critical
OSVDB: 42599 - Sun Java JRE Color Management Library SpCurveToPublic Overflow DoS
SecurityTracker: 1019551 - Java Runtime Environment Bugs in Image Parsing Library Let Remote Users Gain Privileges
Vulnerability Center: 17805 - Sun Color Management Library in JRE and JDK Allows Remote Attackers to Cause DoS, Medium
Vupen: ADV-2008-0770
See also: 🔍
Entry
Created: 03/18/2008 10:56Updated: 03/16/2021 12:35
Changes: 03/18/2008 10:56 (90), 06/07/2017 16:04 (6), 03/16/2021 12:35 (3)
Complete: 🔍
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.