Java Jre 1.5

I have Oracle JDK and JRE 1.5 installed ubuntu LTS. I want to keep JDK 1.5 and install Oracle JRE as 1.6. Please let me know the steps or any clear source where I can get this done java jdk jre. Nov 9, 2005 8:36AM edited Nov 10, 2005 2:05AM in Java Runtime Environment (JRE) hi all, i hav e a application built with jdk1.3 it runs fine with jre 1.3, 1.4 but has some problem with jre 1.5.so is there any way such that.

Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.
Publish Date : 2006-05-17 Last Update Date : 2018-10-18

Scroll To

Comments

External Links

- CVSS Scores & Vulnerability Types

CVSS Score
Confidentiality Impact	None(There is no impact to the confidentiality of the system.)
Integrity Impact	Partial(Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact	Partial(There is reduced performance or interruptions in resource availability.)
Access Complexity	Low(Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication	Not required(Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Denial Of Service
CWE ID	CWE id is not defined for this vulnerability

- Additional Vendor Supplied Data

Vendor	Impact	CVSS Score	CVSS Vector	Report Date	Publish Date
Redhat	low	2007-11-22	2006-05-14

If you are a vendor and you have additional data which can be automatically imported into our database, please contact admin @ cvedetails.com

- Related OVAL Definitions

Title	Definition Id	Class
DSA-1769 openjdk-6 -- several vulnerabilities	oval:org.mitre.oval:def:8037	unix
DSA-1769-1 openjdk-6 -- several	oval:org.mitre.oval:def:13469	unix
ELSA-2009:0377: java-1.6.0-openjdk security update (Important)	oval:org.mitre.oval:def:22718	unix
ELSA-2009:0392: java-1.6.0-sun security update (Critical)	oval:org.mitre.oval:def:21833	unix
ELSA-2009:0394: java-1.5.0-sun security update (Critical)	oval:org.mitre.oval:def:22708	unix
RHSA-2009:0377 -- java-1.6.0-openjdk security update (Important)	oval:org.mitre.oval:def:29277	unix
RHSA-2009:0377: java-1.6.0-openjdk security update (Important)	oval:com.redhat.rhsa:def:20090377	unix
RHSA-2009:0392: java-1.6.0-sun security update (Critical)	oval:com.redhat.rhsa:def:20090392	unix
RHSA-2009:0394: java-1.5.0-sun security update (Critical)	oval:com.redhat.rhsa:def:20090394	unix
Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remo...	oval:org.mitre.oval:def:10609	unix

OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2006-2426

#	Product Type	Vendor	Product	Version	Update	Edition	Language
1	Application	SUN	JDK	1.5.0	Update6	*	*	Version DetailsVulnerabilities
2	Application	SUN	JRE	1.5.0	Update6	*	*	Version DetailsVulnerabilities
3	Application	SUN	SDK	1.5.0 6	*	*	*	Version DetailsVulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
SUN	JDK	1
SUN	JRE	1
SUN	SDK	1

- References For CVE-2006-2426

http://www.mandriva.com/security/advisories?name=MDVSA-2009:162
MANDRIVA MDVSA-2009:162

http://www.vupen.com/english/advisories/2006/1824
VUPEN ADV-2006-1824

http://www.debian.org/security/2009/dsa-1769
DEBIAN DSA-1769

http://secunia.com/advisories/34632
SECUNIA 34632

http://www.mandriva.com/security/advisories?name=MDVSA-2009:137
MANDRIVA MDVSA-2009:137

http://www.ubuntu.com/usn/usn-748-1
UBUNTU USN-748-1

https://rhn.redhat.com/errata/RHSA-2009-0377.html
REDHAT RHSA-2009:0377

http://secunia.com/advisories/34495
SECUNIA 34495

http://secunia.com/advisories/34496
SECUNIA 34496

http://secunia.com/advisories/34675
SECUNIA 34675

http://www.redhat.com/support/errata/RHSA-2009-0394.html
REDHAT RHSA-2009:0394

http://secunia.com/advisories/20132
SECUNIA 20132

http://www.novell.com/linux/security/advisories/2006-06-02.html
SUSE SUSE-SR:2006:012

http://www.illegalaccess.org/exploit/FullDiskApplet.html

http://secunia.com/advisories/34489
SECUNIA 34489

http://securityreason.com/securityalert/909
SREASON 909

http://www.redhat.com/support/errata/RHSA-2009-0392.html
REDHAT RHSA-2009:0392

http://secunia.com/advisories/20457
SECUNIA 20457

http://www.osvdb.org/25561
OSVDB 25561

http://www.securityfocus.com/bid/17981
BID 17981 Sun Java Applet Font.createFont Remote Denial Of Service Vulnerability Release Date:2009-12-16

http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm CONFIRM

http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/26493
XF sun-java-fontcreatefont-dos(26493)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10609
OVAL oval:org.mitre.oval:def:10609

http://www.securityfocus.com/archive/1/434001/100/0/threaded
BUGTRAQ 20060514 JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space

- Metasploit Modules Related To CVE-2006-2426

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)

Download Latest Java Jre 1.5

Status:Closed
Resolution: Fixed
Fix Version/s:5.0
Labels:

Subcomponent:
Resolved In Build:
CPU:
OS:
Verification:

A DESCRIPTION OF THE REQUEST :
Currently there is no CAB format downloads of JRE 1.5.0.1 on sun autodownload website :
http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/autodl-files.html
JUSTIFICATION :
The CAB format is much smaller file size than the exe and will help in the download.
###@###.### 2005-2-18 03:38:07 GMT

Assignee:: J. Duke (Inactive)

Reporter:: Girish Manwani (Inactive)

Java Jre 1.5 Download Windows

Sun Java Jre 1.5

Votes:: 0Vote for this issue

Watchers:: 0Start watching this issue