VYPR
Unrated severityNVD Advisory· Published Dec 5, 2008· Updated Jun 16, 2026

CVE-2008-5357

CVE-2008-5357

Description

Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

131
  • Sun Corporation/Jdk20 versions
    cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*+ 19 more
    • cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:-:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
    • (no CPE)range: <=6 Update 10, <=5.0 Update 16, <=1.4.2_18, <=1.3.1_23
  • Sun Corporation/Jre60 versions
    cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*+ 59 more
    • cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_21:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_22:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_23:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:-:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
  • Sun Corporation/SDK50 versions
    cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*+ 49 more
    • cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_23:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
    • (no CPE)range: <=1.4.2_18, <=1.3.1_23
  • Range: <=6 Update 10, <=5.0 Update 16, <=1.4.2_18, <=1.3.1_23

Patches

Vulnerability mechanics

References

37

News mentions

0

No linked articles in our index yet.