What is the severity of CVE-2008-5351?

CVE-2008-5351 has a moderate severity rating as it allows attackers to bypass security mechanisms.

How do I fix CVE-2008-5351?

To fix CVE-2008-5351, upgrade to a patched version of the Java Runtime Environment (JRE).

What impact does CVE-2008-5351 have on applications?

CVE-2008-5351 may allow attackers to manipulate input encoding, potentially leading to unauthorized access or system compromise.

Who is affected by CVE-2008-5351?

Developers and organizations using vulnerable versions of Sun JDK or JRE for application development and deployment are affected by CVE-2008-5351.

Vulnerability/
CVE-2008-5351

high

7.5

CWE

264

5/12/2008

7/8/2024

CVE-2008-5351

Q: Which versions are affected by CVE-2008-5351?

CVE-2008-5351 affects Sun JDK and JRE 6 Update 10 and earlier, JDK and JRE 5.0 Update 16 and earlier, and SDK and JRE 1.4.2_18 and earlier.

First published: Fri Dec 05 2008(Updated: )

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other applications that rely on shortest-form UTF-8 encodings.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Sun JDK	=5.0-update_12
Sun JRE	=6
Sun JRE	=1.4.2_7
Sun JDK	=5.0-update_15
Sun JDK	<=5.0
Sun JRE	=1.4.2_16
Sun JDK	=5.0-update_3
Sun JRE	=5.0-update_13
Sun JRE	=5.0-update_1
Sun JDK	=5.0-update_11
Sun JRE	=1.4.2_4
Sun SDK	=1.4.2_10
Sun SDK	=1.4.2_12
Sun JRE	=1.4.2_2
Sun JDK	=6-update_6
Sun JDK	=6-update_7
Sun JDK	=5.0-update_8
Sun JRE	=5.0-update_14
Sun JRE	=6-update_3
Sun JRE	=6-update_4
Sun JRE	=5.0-update_12
Sun SDK	=1.4.2_17
Sun SDK	=1.4.2_14
Sun JDK	=5.0-update_1
Sun JRE	=1.4.2_15
Sun JDK	=6-update_1
Sun JDK	=6
Sun JDK	=6-update_3
Sun JRE	=1.4.2_13
Sun JRE	=1.4.2_1
Sun JDK	=6-update_9
Sun SDK	=1.4.2_13
Sun JRE	=1.4.2_8
Sun JDK	=5.0-update_5
Sun SDK	=1.4.2_6
Sun JRE	=6-update_2
Sun JRE	=5.0-update_4
Sun JRE	=6-update_9
Sun JDK	=6-update_4
Sun SDK	<=1.4.2_18
Sun JRE	<=1.4.2_18
Sun SDK	=1.4.2_2
Sun SDK	=1.4.2_5
Sun JRE	=5.0-update_9
Sun JRE	=1.4.2_12
Sun SDK	=1.4.2_1
Sun JRE	=5.0-update_8
Sun JRE	<=6
Sun JDK	<=6
Sun JRE	=5.0-update_7
Sun JDK	=5.0-update_6
Sun JRE	=5.0-update_15
Sun SDK	=1.4.2_4
Sun JRE	=1.4.2_14
Sun JRE	=6-update_5
Sun JDK	=5.0-update_14
Sun JDK	=6-update_8
Sun JRE	=5.0-update_2
Sun JRE	=1.4.2_10
Sun JRE	<=5.0
Sun JRE	=1.4.2_17
Sun JDK	=6-update_2
Sun SDK	=1.4.2_7
Sun JRE	=6-update_7
Sun JRE	=6-update_8
Sun SDK	=1.4.2_8
Sun JDK	=5.0-update_13
Sun JRE	=5.0-update_5
Sun JRE	=1.4.2_9
Sun SDK	=1.4.2_16
Sun SDK	=1.4.2_11
Sun JRE	=5.0-update_6
Sun JRE	=5.0-update_11
Sun JRE	=1.4.2_11
Sun SDK	=1.4.2_9
Sun JRE	=6-update_1
Sun JDK	=6-update_5
Sun JDK	=5.0-update_10
Sun SDK	=1.4.2_3
Sun JRE	=1.4.2_3
Sun JRE	=1.4.2_5
Sun JDK	=5.0-update_2
Sun JRE	=5.0
Sun SDK	=1.4.2_15
Sun JDK	=5.0-update_4
Sun JDK	=5.0-update_9
Sun JRE	=6-update_6
Sun JRE	=5.0-update_3
Sun JRE	=1.4.2_6
Sun JRE	=5.0-update_10
Sun JDK	=5.0-update_7

Remedy

http://sunsolve.sun.com/search/document.do?assetkey=1-26-245246-1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-5351?
CVE-2008-5351 has a moderate severity rating as it allows attackers to bypass security mechanisms.
How do I fix CVE-2008-5351?
To fix CVE-2008-5351, upgrade to a patched version of the Java Runtime Environment (JRE).
Which versions are affected by CVE-2008-5351?
CVE-2008-5351 affects Sun JDK and JRE 6 Update 10 and earlier, JDK and JRE 5.0 Update 16 and earlier, and SDK and JRE 1.4.2_18 and earlier.
What impact does CVE-2008-5351 have on applications?
CVE-2008-5351 may allow attackers to manipulate input encoding, potentially leading to unauthorized access or system compromise.
Who is affected by CVE-2008-5351?
Developers and organizations using vulnerable versions of Sun JDK or JRE for application development and deployment are affected by CVE-2008-5351.

collector/nvd-historical
collector/nvd-index
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/weakness
agent/references
agent/severity
agent/last-modified-date
agent/author
agent/first-publish-date
agent/description
agent/event
agent/tags
agent/source
vendor/sun
canonical/sun jdk
version/sun jdk/5.0-update_12
canonical/sun jre
version/sun jre/6
version/sun jre/1.4.2_7
version/sun jdk/5.0-update_15
version/sun jdk/5.0
version/sun jre/1.4.2_16
version/sun jdk/5.0-update_3
version/sun jre/5.0-update_13
version/sun jre/5.0-update_1
version/sun jdk/5.0-update_11
version/sun jre/1.4.2_4
canonical/sun sdk
version/sun sdk/1.4.2_10
version/sun sdk/1.4.2_12
version/sun jre/1.4.2_2
version/sun jdk/6-update_6
version/sun jdk/6-update_7
version/sun jdk/5.0-update_8
version/sun jre/5.0-update_14
version/sun jre/6-update_3
version/sun jre/6-update_4
version/sun jre/5.0-update_12
version/sun sdk/1.4.2_17
version/sun sdk/1.4.2_14
version/sun jdk/5.0-update_1
version/sun jre/1.4.2_15
version/sun jdk/6-update_1
version/sun jdk/6
version/sun jdk/6-update_3
version/sun jre/1.4.2_13
version/sun jre/1.4.2_1
version/sun jdk/6-update_9
version/sun sdk/1.4.2_13
version/sun jre/1.4.2_8
version/sun jdk/5.0-update_5
version/sun sdk/1.4.2_6
version/sun jre/6-update_2
version/sun jre/5.0-update_4
version/sun jre/6-update_9
version/sun jdk/6-update_4
version/sun sdk/1.4.2_18
version/sun jre/1.4.2_18
version/sun sdk/1.4.2_2
version/sun sdk/1.4.2_5
version/sun jre/5.0-update_9
version/sun jre/1.4.2_12
version/sun sdk/1.4.2_1
version/sun jre/5.0-update_8
version/sun jre/5.0-update_7
version/sun jdk/5.0-update_6
version/sun jre/5.0-update_15
version/sun sdk/1.4.2_4
version/sun jre/1.4.2_14
version/sun jre/6-update_5
version/sun jdk/5.0-update_14
version/sun jdk/6-update_8
version/sun jre/5.0-update_2
version/sun jre/1.4.2_10
version/sun jre/5.0
version/sun jre/1.4.2_17
version/sun jdk/6-update_2
version/sun sdk/1.4.2_7
version/sun jre/6-update_7
version/sun jre/6-update_8
version/sun sdk/1.4.2_8
version/sun jdk/5.0-update_13
version/sun jre/5.0-update_5
version/sun jre/1.4.2_9
version/sun sdk/1.4.2_16
version/sun sdk/1.4.2_11
version/sun jre/5.0-update_6
version/sun jre/5.0-update_11
version/sun jre/1.4.2_11
version/sun sdk/1.4.2_9
version/sun jre/6-update_1
version/sun jdk/6-update_5
version/sun jdk/5.0-update_10
version/sun sdk/1.4.2_3
version/sun jre/1.4.2_3
version/sun jre/1.4.2_5
version/sun jdk/5.0-update_2
version/sun sdk/1.4.2_15
version/sun jdk/5.0-update_4
version/sun jdk/5.0-update_9
version/sun jre/6-update_6
version/sun jre/5.0-update_3
version/sun jre/1.4.2_6
version/sun jre/5.0-update_10
version/sun jdk/5.0-update_7

CVE-2008-5351

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-5351?

How do I fix CVE-2008-5351?

Which versions are affected by CVE-2008-5351?

What impact does CVE-2008-5351 have on applications?

Who is affected by CVE-2008-5351?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2008-5351?

How do I fix CVE-2008-5351?

Which versions are affected by CVE-2008-5351?

What impact does CVE-2008-5351 have on applications?

Who is affected by CVE-2008-5351?