Upstream information

CVE-2008-5341 at MITRE

Description

Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5
Vector AV:N/AC:L/Au:N/C:P/I:N/A:N
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
SUSE Bugzilla entries: 456770 [RESOLVED / FIXED], 465624 [RESOLVED / FIXED], 496004 [RESOLVED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11
  • java-1_6_0-ibm >= 1.6.0-124.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0-124.6.1
  • java-1_6_0-ibm-alsa-x86 >= 1.6.0-124.7.1
  • java-1_6_0-ibm-fonts >= 1.6.0-124.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0-124.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0-124.6.1
  • java-1_6_0-ibm-x86 >= 1.6.0-124.7.1
Patchnames:
slessp0-java-1_6_0-ibm
SUSE Linux Enterprise Server for SAP Applications 11
  • java-1_6_0-ibm >= 1.6.0-124.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0-124.6.1
  • java-1_6_0-ibm-alsa-x86 >= 1.6.0-124.7.1
  • java-1_6_0-ibm-fonts >= 1.6.0-124.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0-124.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0-124.6.1
  • java-1_6_0-ibm-x86 >= 1.6.0-124.7.1
Patchnames:
slessp0-java-1_6_0-ibm
SUSE Linux Enterprise SDK 11 GA
  • java-1_6_0-ibm >= 1.6.0-124.6.1
  • java-1_6_0-ibm-devel >= 1.6.0-124.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0-124.6.1
sle11-sdk.s390x
sle11-sdk.x86-64
sle11-sdk.x86
sles11.x86-64
sle11-sdk.ppc
sles11.x86
sles11.ppc
sles11.s390x
SAT Patch Nr: 736
SUSE Linux Enterprise SDK 11 GA
  • java-1_6_0-ibm-devel >= 1.6.0-124.6.1
sle11-sdk.s390x
sle11-sdk.x86-64
sle11-sdk.x86
sles11.x86-64
sle11-sdk.ppc
sles11.x86
sles11.ppc
sles11.s390x
SAT Patch Nr: 736
SUSE Linux Enterprise Server 11 GA
  • java-1_6_0-ibm >= 1.6.0-124.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0-124.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0-124.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0-124.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0-124.6.1
sle11-sdk.s390x
sle11-sdk.x86-64
sle11-sdk.x86
sles11.x86-64
sle11-sdk.ppc
sles11.x86
sles11.ppc
sles11.s390x
SAT Patch Nr: 736
SUSE Linux Enterprise Server 11 GA
  • java-1_6_0-ibm >= 1.6.0-124.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0-124.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0-124.6.1
sle11-sdk.s390x
sle11-sdk.x86-64
sle11-sdk.x86
sles11.x86-64
sle11-sdk.ppc
sles11.x86
sles11.ppc
sles11.s390x
SAT Patch Nr: 736
Open Enterprise Server
  • IBMJava5-JRE >= 1.5.0-0.57
  • IBMJava5-SDK >= 1.5.0-0.57
core9.x86
core9.s390
core9.x86-64
core9.ppc
sles9-nlpos.x86
core9.s390x
sles9-oes.x86
YOU Patch Nr: 12336
openSUSE 11.0
  • java-1_5_0-sun >= 1.5.0_update17-0.1
  • java-1_5_0-sun-alsa >= 1.5.0_update17-0.1
  • java-1_5_0-sun-demo >= 1.5.0_update17-0.1
  • java-1_5_0-sun-devel >= 1.5.0_update17-0.1
  • java-1_5_0-sun-jdbc >= 1.5.0_update17-0.1
  • java-1_5_0-sun-plugin >= 1.5.0_update17-0.1
  • java-1_5_0-sun-src >= 1.5.0_update17-0.1
openSUSE 11.1
  • java-1_5_0-sun >= 1.5.0_update17-1.1
  • java-1_5_0-sun-alsa >= 1.5.0_update17-1.1
  • java-1_5_0-sun-devel >= 1.5.0_update17-1.1
  • java-1_5_0-sun-jdbc >= 1.5.0_update17-1.1
  • java-1_5_0-sun-plugin >= 1.5.0_update17-1.1
openSUSE 11.0
  • java-1_6_0-sun >= 1.6.0.u11-0.1
  • java-1_6_0-sun-alsa >= 1.6.0.u11-0.1
  • java-1_6_0-sun-demo >= 1.6.0.u11-0.1
  • java-1_6_0-sun-devel >= 1.6.0.u11-0.1
  • java-1_6_0-sun-jdbc >= 1.6.0.u11-0.1
  • java-1_6_0-sun-plugin >= 1.6.0.u11-0.1
openSUSE 11.1
  • java-1_6_0-sun >= 1.6.0.u11-1.1
  • java-1_6_0-sun-alsa >= 1.6.0.u11-1.1
  • java-1_6_0-sun-devel >= 1.6.0.u11-1.1
  • java-1_6_0-sun-jdbc >= 1.6.0.u11-1.1
  • java-1_6_0-sun-plugin >= 1.6.0.u11-1.1
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
  • java2 >= 1.4.2-129.48
  • java2-jre >= 1.4.2-129.48
sles9-nlpos.x86
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nld.x86-64
sles9-oes.x86
core9.ia64
YOU Patch Nr: 12321