critical
9.3
CWE
254
Advisory Published
Updated

CVE-2008-1195

First published: Thu Mar 06 2008(Updated: )

Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
OpenJDK=1.5.0
OpenJDK=1.5.0-update1
OpenJDK=1.5.0-update10
OpenJDK=1.5.0-update11
OpenJDK=1.5.0-update12
OpenJDK=1.5.0-update13
OpenJDK=1.5.0-update14
OpenJDK=1.5.0-update2
OpenJDK=1.5.0-update3
OpenJDK=1.5.0-update4
OpenJDK=1.5.0-update5
OpenJDK=1.5.0-update6
OpenJDK=1.5.0-update7
OpenJDK=1.5.0-update8
OpenJDK=1.5.0-update9
OpenJDK=1.6.0
OpenJDK=1.6.0-update_3
OpenJDK=1.6.0-update_4
Sun JRE=1.4.2
Sun JRE=1.4.2_1
Sun JRE=1.4.2_2
Sun JRE=1.4.2_3
Sun JRE=1.4.2_4
Sun JRE=1.4.2_5
Sun JRE=1.4.2_6
Sun JRE=1.4.2_7
Sun JRE=1.4.2_8
Sun JRE=1.4.2_9
Sun JRE=1.4.2_10
Sun JRE=1.4.2_11
Sun JRE=1.4.2_12
Sun JRE=1.4.2_13
Sun JRE=1.4.2_14
Sun JRE=1.4.2_15
Sun JRE=1.4.2_16
Sun JRE=1.5.0
Sun JRE=1.5.0-update1
Sun JRE=1.5.0-update10
Sun JRE=1.5.0-update11
Sun JRE=1.5.0-update12
Sun JRE=1.5.0-update13
Sun JRE=1.5.0-update14
Sun JRE=1.5.0-update2
Sun JRE=1.5.0-update3
Sun JRE=1.5.0-update4
Sun JRE=1.5.0-update5
Sun JRE=1.5.0-update6
Sun JRE=1.5.0-update7
Sun JRE=1.5.0-update8
Sun JRE=1.5.0-update9
Sun JRE=1.6.0
Sun JRE=1.6.0-update_1
Sun JRE=1.6.0-update_2
Sun JRE=1.6.0-update_3
Sun JRE=1.6.0-update_4
Sun SDK=1.4.2
Sun SDK=1.4.2_1
Sun SDK=1.4.2_2
Sun SDK=1.4.2_3
Sun SDK=1.4.2_4
Sun SDK=1.4.2_5
Sun SDK=1.4.2_6
Sun SDK=1.4.2_7
Sun SDK=1.4.2_8
Sun SDK=1.4.2_9
Sun SDK=1.4.2_10
Sun SDK=1.4.2_11
Sun SDK=1.4.2_12
Sun SDK=1.4.2_13
Sun SDK=1.4.2_14
Sun SDK=1.4.2_15
Sun SDK=1.4.2_16
Ubuntu Linux=6.06
Ubuntu Linux=6.10
Ubuntu Linux=7.04
Ubuntu Linux=7.10
Ubuntu=6.06
Ubuntu=7.04
Ubuntu=7.10
Ubuntu=6.10

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2008-1195?

    CVE-2008-1195 is classified with a severity level that can vary but is generally viewed as critical due to its potential for remote exploitation.

  • How do I fix CVE-2008-1195?

    To fix CVE-2008-1195, update your Sun JDK or JRE to the latest patched version provided by Oracle.

  • What are the affected versions for CVE-2008-1195?

    CVE-2008-1195 affects Sun JDK versions 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK and JRE 1.4.2_16 and earlier.

  • Can CVE-2008-1195 lead to unauthorized access?

    Yes, CVE-2008-1195 allows remote attackers to access arbitrary network services on the local host, which can lead to unauthorized access.

  • Is there a workaround for CVE-2008-1195?

    A temporary workaround for CVE-2008-1195 may include disabling Java in your browser settings until an update is applied.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203