Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2008-0628

The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.06
EPSS Ranking 90.3%
CVSS Severity
CVSS v2 Score 7.8
References
Products affected by CVE-2008-0628
  • Sun » Jdk » Version: 1.6
    cpe:2.3:a:sun:jdk:1.6
  • Sun » Jre » Version: 1.3.0
    cpe:2.3:a:sun:jre:1.3.0
  • Sun » Jre » Version: 1.4.1
    cpe:2.3:a:sun:jre:1.4.1
  • Sun » Jre » Version: 1.4.2
    cpe:2.3:a:sun:jre:1.4.2
  • Sun » Jre » Version: 1.5.0
    cpe:2.3:a:sun:jre:1.5.0
  • Sun » Jre » Version: 1.6.0
    cpe:2.3:a:sun:jre:1.6.0


Contact Us

Shodan ® - All rights reserved