Trend Micro Security

Sun Java Runtime Environment And Java Development Kit Security Vulnerability

  危険度: : 緊急
  CVE識別番号: CVE-2008-5353

  概要

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by "deserializing Calendar objects".

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1004870
  Trend Micro Deep Security DPI Rule Name: 1004870 - Identified Suspicious Jar File

  影響を受けるソフトウェア

  • sun jdk 5.0
  • sun jdk 6
  • sun jre 1.4.2_1
  • sun jre 1.4.2_10
  • sun jre 1.4.2_11
  • sun jre 1.4.2_12
  • sun jre 1.4.2_13
  • sun jre 1.4.2_14
  • sun jre 1.4.2_15
  • sun jre 1.4.2_16
  • sun jre 1.4.2_17
  • sun jre 1.4.2_18
  • sun jre 1.4.2_2
  • sun jre 1.4.2_3
  • sun jre 1.4.2_4
  • sun jre 1.4.2_5
  • sun jre 1.4.2_6
  • sun jre 1.4.2_7
  • sun jre 1.4.2_8
  • sun jre 1.4.2_9
  • sun jre 5.0
  • sun jre 6
  • sun sdk 1.4.2_1
  • sun sdk 1.4.2_10
  • sun sdk 1.4.2_11
  • sun sdk 1.4.2_12
  • sun sdk 1.4.2_13
  • sun sdk 1.4.2_14
  • sun sdk 1.4.2_15
  • sun sdk 1.4.2_16
  • sun sdk 1.4.2_17
  • sun sdk 1.4.2_18
  • sun sdk 1.4.2_2
  • sun sdk 1.4.2_3
  • sun sdk 1.4.2_4
  • sun sdk 1.4.2_5
  • sun sdk 1.4.2_6
  • sun sdk 1.4.2_7
  • sun sdk 1.4.2_8
  • sun sdk 1.4.2_9