CVE-2008-1186

Name: CVE-2008-1186
Creator: NVD / NIST
Published: 2008-03-06T21:44:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.56%

Last modified Jun 16, 2026

CVE-2008-1186 is a vulnerability of currently unknown severity. Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue.". EPSS estimates a 5.56% chance of exploitation in the next 30 days.

Description

Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."

Metrics

EPSS Probability

5.56%

91.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-264

Affected Software

Vendor	Product	Versions
Sun	Jdk	1.5.0
Sun	Jre	1.4.2
Sun	Jre	1.4.2_1
Sun	Jre	1.4.2_2
Sun	Jre	1.4.2_3
Sun	Jre	1.4.2_4
Sun	Jre	1.4.2_5
Sun	Jre	1.4.2_6
Sun	Jre	1.4.2_7
Sun	Jre	1.4.2_8
Sun	Jre	1.4.2_9
Sun	Jre	1.4.2_10
Sun	Jre	1.4.2_11
Sun	Jre	1.4.2_12
Sun	Jre	1.4.2_13
Sun	Jre	1.4.2_14
Sun	Jre	1.4.2_15
Sun	Jre	1.4.2_16
Sun	Jre	1.5.0
Sun	Sdk	1.4.2
Sun	Sdk	1.4.2_1
Sun	Sdk	1.4.2_2
Sun	Sdk	1.4.2_3
Sun	Sdk	1.4.2_4
Sun	Sdk	1.4.2_5
Sun	Sdk	1.4.2_6
Sun	Sdk	1.4.2_7
Sun	Sdk	1.4.2_8
Sun	Sdk	1.4.2_9
Sun	Sdk	1.4.2_10
Sun	Sdk	1.4.2_11
Sun	Sdk	1.4.2_12
Sun	Sdk	1.4.2_13
Sun	Sdk	1.4.2_14
Sun	Sdk	1.4.2_15
Sun	Sdk	1.4.2_16

References

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.htmlMailing List, Third Party Advisory
http://secunia.com/advisories/29239Third Party Advisory
http://secunia.com/advisories/29273Third Party Advisory
http://secunia.com/advisories/29582Third Party Advisory
http://secunia.com/advisories/29858Third Party Advisory
http://secunia.com/advisories/30676Third Party Advisory
http://secunia.com/advisories/30780Third Party Advisory
http://secunia.com/advisories/32018Third Party Advisory
http://security.gentoo.org/glsa/glsa-200804-28.xmlThird Party Advisory
http://securitytracker.com/id?1019555Third Party Advisory, VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1Patch, Third Party Advisory
http://support.apple.com/kb/HT3178Third Party Advisory
http://support.apple.com/kb/HT3179Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xmlThird Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0186.htmlThird Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-066A.htmlThird Party Advisory, US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0010.htmlThird Party Advisory
http://www.vupen.com/english/advisories/2008/0770/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/1856/referencesThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/41025Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/41138Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.htmlMailing List, Third Party Advisory
http://secunia.com/advisories/29239Third Party Advisory
http://secunia.com/advisories/29273Third Party Advisory
http://secunia.com/advisories/29582Third Party Advisory
http://secunia.com/advisories/29858Third Party Advisory
http://secunia.com/advisories/30676Third Party Advisory
http://secunia.com/advisories/30780Third Party Advisory
http://secunia.com/advisories/32018Third Party Advisory
http://security.gentoo.org/glsa/glsa-200804-28.xmlThird Party Advisory
http://securitytracker.com/id?1019555Third Party Advisory, VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-233321-1Patch, Third Party Advisory
http://support.apple.com/kb/HT3178Third Party Advisory
http://support.apple.com/kb/HT3179Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xmlThird Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0186.htmlThird Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-066A.htmlThird Party Advisory, US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0010.htmlThird Party Advisory
http://www.vupen.com/english/advisories/2008/0770/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/1856/referencesThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/41025Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/41138Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9585Third Party Advisory

Timeline

Published: Mar 6, 2008
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2008-1186?

How severe is CVE-2008-1186?

Severity scoring for CVE-2008-1186 is pending analysis. The EPSS model estimates a 5.56% probability of exploitation in the next 30 days.

How do I fix CVE-2008-1186?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-1186?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST