Skip to navigation

CVE Database

CVE-2008-1196

Impact: Critical
Public: 2008-03-06
Bugzilla: 436302: CVE-2008-1196 Buffer overflow security vulnerabilities in Java Web Start

Details

The MITRE CVE dictionary describes this issue as:

Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.

Find out more about CVE-2008-1196 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux Server Supplementary (v. 5) (java-1.4.2-ibm) RHSA-2008:0555 July 14, 2008
Red Hat Enterprise Linux Server Supplementary (v. 5) (java-1.5.0-ibm) RHSA-2008:0210 April 03, 2008
Red Hat Enterprise Linux Server Supplementary (v. 5) (java-1.5.0-sun) RHSA-2008:0186 March 06, 2008
Red Hat Enterprise Linux Server Supplementary (v. 5) (java-1.6.0-ibm) RHSA-2008:0267 May 19, 2008
Red Hat Enterprise Linux version 3 Extras (java-1.4.2-ibm) RHSA-2008:0555 July 14, 2008
Red Hat Enterprise Linux version 4 Extras (java-1.4.2-ibm) RHSA-2008:0555 July 14, 2008
Red Hat Enterprise Linux version 4 Extras (java-1.5.0-ibm) RHSA-2008:0210 April 03, 2008
Red Hat Enterprise Linux version 4 Extras (java-1.5.0-sun) RHSA-2008:0186 March 06, 2008
Red Hat Satellite 5.1 (RHEL v.4 AS) (java-1.5.0-ibm) RHSA-2008:0638 August 13, 2008

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.