CVE-2008-5358

Publication date 5 December 2008

Last updated 24 July 2024

Description

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
openjdk-6	9.10 karmic	Not affected
	9.04 jaunty	Not affected
	8.10 intrepid	Fixed 6b12-0ubuntu6.1
	8.04 LTS hardy	Fixed 6b11-2ubuntu2.1
	7.10 gutsy	Not in release
	6.06 LTS dapper	Not in release
sun-java5	9.10 karmic	Not in release
	9.04 jaunty	Fixed 1.5.0-19-0ubuntu0.9.04
	8.10 intrepid	Fixed 1.5.0-19-0ubuntu0.8.10
	8.04 LTS hardy	Fixed 1.5.0-22-0ubuntu0.8.04
	7.10 gutsy	Ignored end of life, was needs-triage
	6.06 LTS dapper	Ignored end of life
sun-java6	9.10 karmic	Fixed 6-15-1
	9.04 jaunty	Fixed 6-16-0ubuntu1.9.04
	8.10 intrepid	Fixed 6-14-0ubuntu1.8.10
	8.04 LTS hardy	Fixed 6-17-0ubuntu1.8.04
	7.10 gutsy	Ignored end of life, was needs-triage
	6.06 LTS dapper	Not in release

Notes

kees

http://sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1 6766136

References

Related Ubuntu Security Notices (USN)

USN-713-1
openjdk-6 vulnerabilities
27 January 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2008-5358