JVN/CVE Demo: Cveinfos

CVE

Id: 35456
CVE No.: CVE-2008-5339
Status: Candidate
Description: Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka CR 6727079.
Phase: Assigned (20081204)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
388670	35456	CVE-2008-5339	CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2008-486.htm	View
388671	35456	CVE-2008-5339	CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm	View
388672	35456	CVE-2008-5339	CONFIRM:http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=	View
388673	35456	CVE-2008-5339	CONFIRM:http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf	View
388674	35456	CVE-2008-5339	GENTOO:GLSA-200911-02	View
388675	35456	CVE-2008-5339	URL:http://security.gentoo.org/glsa/glsa-200911-02.xml	View
388676	35456	CVE-2008-5339	HP:HPSBUX02411	View
388677	35456	CVE-2008-5339	URL:http://marc.info/?l=bugtraq&m=123678756409861&w=2	View
388678	35456	CVE-2008-5339	HP:SSRT080111	View
388679	35456	CVE-2008-5339	URL:http://marc.info/?l=bugtraq&m=123678756409861&w=2	View
388680	35456	CVE-2008-5339	HP:HPSBMA02486	View
388681	35456	CVE-2008-5339	URL:http://marc.info/?l=bugtraq&m=126583436323697&w=2	View
388682	35456	CVE-2008-5339	HP:SSRT090049	View
388683	35456	CVE-2008-5339	URL:http://marc.info/?l=bugtraq&m=126583436323697&w=2	View
388684	35456	CVE-2008-5339	REDHAT:RHSA-2008:1018	View
388685	35456	CVE-2008-5339	URL:http://rhn.redhat.com/errata/RHSA-2008-1018.html	View
388686	35456	CVE-2008-5339	REDHAT:RHSA-2008:1025	View
388687	35456	CVE-2008-5339	URL:http://rhn.redhat.com/errata/RHSA-2008-1025.html	View
388688	35456	CVE-2008-5339	REDHAT:RHSA-2009:0015	View
388689	35456	CVE-2008-5339	URL:http://www.redhat.com/support/errata/RHSA-2009-0015.html	View
388690	35456	CVE-2008-5339	REDHAT:RHSA-2009:0016	View
388691	35456	CVE-2008-5339	URL:http://www.redhat.com/support/errata/RHSA-2009-0016.html	View
388692	35456	CVE-2008-5339	REDHAT:RHSA-2009:0445	View
388693	35456	CVE-2008-5339	URL:http://www.redhat.com/support/errata/RHSA-2009-0445.html	View
388694	35456	CVE-2008-5339	SUNALERT:244988	View
388695	35456	CVE-2008-5339	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-244988-1	View
388696	35456	CVE-2008-5339	SUSE:SUSE-SA:2009:007	View
388697	35456	CVE-2008-5339	URL:http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html	View
388698	35456	CVE-2008-5339	SUSE:SUSE-SA:2009:018	View
388699	35456	CVE-2008-5339	URL:http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html	View
388700	35456	CVE-2008-5339	SUSE:SUSE-SR:2009:010	View
388701	35456	CVE-2008-5339	URL:http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html	View
388702	35456	CVE-2008-5339	CERT:TA08-340A	View
388703	35456	CVE-2008-5339	URL:http://www.us-cert.gov/cas/techalerts/TA08-340A.html	View
388704	35456	CVE-2008-5339	OVAL:oval:org.mitre.oval:def:6409	View
388705	35456	CVE-2008-5339	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6409	View
388706	35456	CVE-2008-5339	SECUNIA:34233	View
388707	35456	CVE-2008-5339	URL:http://secunia.com/advisories/34233	View
388708	35456	CVE-2008-5339	SECUNIA:34605	View
388709	35456	CVE-2008-5339	URL:http://secunia.com/advisories/34605	View
388710	35456	CVE-2008-5339	SECUNIA:34889	View
388711	35456	CVE-2008-5339	URL:http://secunia.com/advisories/34889	View
388712	35456	CVE-2008-5339	SECUNIA:35065	View
388713	35456	CVE-2008-5339	URL:http://secunia.com/advisories/35065	View
388714	35456	CVE-2008-5339	SECUNIA:37386	View
388715	35456	CVE-2008-5339	URL:http://secunia.com/advisories/37386	View
388716	35456	CVE-2008-5339	SECUNIA:38539	View
388717	35456	CVE-2008-5339	URL:http://secunia.com/advisories/38539	View
388718	35456	CVE-2008-5339	VUPEN:ADV-2008-3339	View
388719	35456	CVE-2008-5339	URL:http://www.vupen.com/english/advisories/2008/3339	View
388720	35456	CVE-2008-5339	SECUNIA:32991	View
388721	35456	CVE-2008-5339	URL:http://secunia.com/advisories/32991	View
388722	35456	CVE-2008-5339	SECUNIA:33015	View
388723	35456	CVE-2008-5339	URL:http://secunia.com/advisories/33015	View
388724	35456	CVE-2008-5339	SECUNIA:33710	View
388725	35456	CVE-2008-5339	URL:http://secunia.com/advisories/33710	View
388726	35456	CVE-2008-5339	SECUNIA:33528	View
388727	35456	CVE-2008-5339	URL:http://secunia.com/advisories/33528	View
388728	35456	CVE-2008-5339	VUPEN:ADV-2009-0672	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
46836	JVNDB-2008-002146	Sun Java Web Start および Java Plug-in における HTTP セッションをハイジャックされる脆弱性	Sun Java Web Start (JWS) および Java Plug-in には、認証されていないネットワークコネクションを作成される、およびブラウザに保存されたクッキーを使用する HTTP セッションをハイジャックされる脆弱性が存在します。	CVE-2008-5343	35456	9		http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002146.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.34 MB
View render complete	2.84 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.01
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	416.29
Event: Controller.beforeRender	4.57
» Processing toolbar data	4.48
Rendering View	17.53
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	16.59
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.51
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/35456
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/35456
Remote Port	52654
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.167
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.66.129
Http Via	1.1 squid-proxy-5b5d847c96-sh5pg (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.167
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.167
Unique Id	aN1Yxr_1q28cQiuDYIAqdAAAAWc
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.167
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.167
Redirect Unique Id	aN1Yxr_1q28cQiuDYIAqdAAAAWc
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.167
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.167
Redirect Redirect Unique Id	aN1Yxr_1q28cQiuDYIAqdAAAAWc
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759336646.4498
Request Time	1759336646

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files