CVE-2008-5354

Publication date 5 December 2008

Last updated 24 July 2024

Ubuntu priority

Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
openjdk-6	9.10 karmic	Not affected
	9.04 jaunty	Not affected
	8.10 intrepid	Fixed 6b12-0ubuntu6.1
	8.04 LTS hardy	Fixed 6b11-2ubuntu2.1
	7.10 gutsy	Not in release
	6.06 LTS dapper	Not in release
sun-java5	9.10 karmic	Not in release
	9.04 jaunty	Fixed 1.5.0-19-0ubuntu0.9.04
	8.10 intrepid	Fixed 1.5.0-19-0ubuntu0.8.10
	8.04 LTS hardy	Fixed 1.5.0-22-0ubuntu0.8.04
	7.10 gutsy	Ignored end of life, was needs-triage
	6.06 LTS dapper	Ignored end of life
sun-java6	9.10 karmic	Fixed 6-15-1
	9.04 jaunty	Fixed 6-16-0ubuntu1.9.04
	8.10 intrepid	Fixed 6-14-0ubuntu1.8.10
	8.04 LTS hardy	Fixed 6-17-0ubuntu1.8.04
	7.10 gutsy	Ignored end of life, was needs-triage
	6.06 LTS dapper	Not in release

Notes

kees

http://sunsolve.sun.com/search/document.do?assetkey=1-26-244990-1 6733959

References

Related Ubuntu Security Notices (USN)

USN-713-1
openjdk-6 vulnerabilities
27 January 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2008-5354