CVE-2008-5358

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll.

Published: Dec 5, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-5358
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
sun / jre	6	6.x
sun / jdk	6-update_6	6-update_6.x
sun / jdk	6-update_7	6-update_7.x
sun / jre	6-update_3	6-update_3.x
sun / jre	6-update_4	6-update_4.x
sun / jdk	6-update_1	6-update_1.x
sun / jdk	6	6.x
sun / jdk	6-update_3	6-update_3.x
sun / jre	6-update_2	6-update_2.x
sun / jdk	6-update_4	6-update_4.x
sun / jre	-	6.x
sun / jdk	-	6.x
sun / jre	6-update_5	6-update_5.x
sun / jdk	6-update_8	6-update_8.x
sun / jdk	6-update_2	6-update_2.x
sun / jre	6-update_7	6-update_7.x
sun / jre	6-update_8	6-update_8.x
sun / jre	6-update_1	6-update_1.x
sun / jdk	6-update_5	6-update_5.x
sun / jre	6-update_6	6-update_6.x

Vulnerability Database

289,697

CVE-2008-5358