Novell Home

CVE-2008-5358

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2008-5358 at MITRE

Description

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll.

NVD CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entries: 456770, 471829, 496004

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP2 for x86
  • java-1_4_2-sun >= 1.4.2.19-0.3
  • java-1_4_2-sun-alsa >= 1.4.2.19-0.3
  • java-1_4_2-sun-demo >= 1.4.2.19-0.3
  • java-1_4_2-sun-devel >= 1.4.2.19-0.3
  • java-1_4_2-sun-jdbc >= 1.4.2.19-0.3
  • java-1_4_2-sun-plugin >= 1.4.2.19-0.3
  • java-1_4_2-sun-src >= 1.4.2.19-0.3
sled10-sp2.x86-64
sles10-sp2.ia64
sled10-sp2.x86
sles10-sp2.x86-64
sles10-sp2.x86
ZYPP Patch Nr: 5852
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP2 for x86
  • java-1_4_2-sun >= 1.4.2.19-0.3
  • java-1_4_2-sun-alsa >= 1.4.2.19-0.3
  • java-1_4_2-sun-devel >= 1.4.2.19-0.3
  • java-1_4_2-sun-jdbc >= 1.4.2.19-0.3
  • java-1_4_2-sun-plugin >= 1.4.2.19-0.3
sled10-sp2.x86-64
sles10-sp2.ia64
sled10-sp2.x86
sles10-sp2.x86-64
sles10-sp2.x86
ZYPP Patch Nr: 5852
SUSE Linux Enterprise Server 10 SP2 for IPF
  • java-1_4_2-sun >= 1.4.2.19-0.3
  • java-1_4_2-sun-devel >= 1.4.2.19-0.3
  • java-1_4_2-sun-jdbc >= 1.4.2.19-0.3
  • java-1_4_2-sun-plugin >= 1.4.2.19-0.3
sled10-sp2.x86-64
sles10-sp2.ia64
sled10-sp2.x86
sles10-sp2.x86-64
sles10-sp2.x86
ZYPP Patch Nr: 5852
SUSE CORE 9 for AMD64 and Intel EM64T
  • java2 >= 1.4.2-129.49
  • java2-jre >= 1.4.2-129.49
Builds
YOU Patch Nr: 12799
openSUSE 10.3
  • java-1_5_0-sun >= 1.5.0_update17-0.1
  • java-1_5_0-sun-alsa >= 1.5.0_update17-0.1
  • java-1_5_0-sun-demo >= 1.5.0_update17-0.1
  • java-1_5_0-sun-devel >= 1.5.0_update17-0.1
  • java-1_5_0-sun-jdbc >= 1.5.0_update17-0.1
  • java-1_5_0-sun-plugin >= 1.5.0_update17-0.1
  • java-1_5_0-sun-src >= 1.5.0_update17-0.1
openSUSE 10.3
  • java-1_6_0-sun >= 1.6.0.u11-0.1
  • java-1_6_0-sun-alsa >= 1.6.0.u11-0.1
  • java-1_6_0-sun-debuginfo >= 1.6.0.u11-0.1
  • java-1_6_0-sun-demo >= 1.6.0.u11-0.1
  • java-1_6_0-sun-devel >= 1.6.0.u11-0.1
  • java-1_6_0-sun-jdbc >= 1.6.0.u11-0.1
  • java-1_6_0-sun-plugin >= 1.6.0.u11-0.1
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Novell Linux POS 9
Open Enterprise Server
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for x86
  • java2 >= 1.4.2-129.48
  • java2-jre >= 1.4.2-129.48
sles9-nlpos.x86
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nld.x86-64
sles9-oes.x86
core9.ia64
YOU Patch Nr: 12321

List of products where fixes are in QA

© 2012 Novell