Lucene search

[email protected]CVE-2008-3105

HistoryJul 09, 2008 - 11:41 p.m.

CVE-2008-3105

2008-07-0923:41:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-3105

jax-ws

jre

jdk

xml processing

denial of service

8.8 High

AI Score

Confidence

High

8.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:P/I:P/A:C

0.057 Low

EPSS

Percentile

93.3%

JSON

Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving “processing of XML data” by a trusted application.

CPENameOperatorVersion
sun:jresun jreeq6
sun:jdksun jdkeq6

CPE	Name	Operator	Version
sun:jre	sun jre	eq	6
sun:jdk	sun jdk	eq	6

References

lists.apple.com/archives/security-announce//2008/Sep/msg00007.html

lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

marc.info/?l=bugtraq&m=122331139823057&w=2

secunia.com/advisories/31010

secunia.com/advisories/31600

secunia.com/advisories/32018

secunia.com/advisories/32179

secunia.com/advisories/32180

secunia.com/advisories/32436

secunia.com/advisories/33237

secunia.com/advisories/33238

secunia.com/advisories/37386

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1

support.apple.com/kb/HT3179

support.avaya.com/elmodocs2/security/ASA-2008-299.htm

support.avaya.com/elmodocs2/security/ASA-2008-428.htm

support.avaya.com/elmodocs2/security/ASA-2008-507.htm

support.avaya.com/elmodocs2/security/ASA-2008-509.htm

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717

www.redhat.com/support/errata/RHSA-2008-0594.html

www.redhat.com/support/errata/RHSA-2008-0906.html

www.redhat.com/support/errata/RHSA-2008-1044.html

www.redhat.com/support/errata/RHSA-2008-1045.html

www.securityfocus.com/archive/1/497041/100/0/threaded

www.securityfocus.com/bid/30143

www.securitytracker.com/id?1020457

www.us-cert.gov/cas/techalerts/TA08-193A.html

www.vmware.com/security/advisories/VMSA-2008-0016.html

www.vupen.com/english/advisories/2008/2056/references

www.vupen.com/english/advisories/2008/2740

exchange.xforce.ibmcloud.com/vulnerabilities/43654

exchange.xforce.ibmcloud.com/vulnerabilities/43657

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11274

8.8 High

AI Score

Confidence

High

8.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:P/I:P/A:C

0.057 Low

EPSS

Percentile

93.3%

JSON

Related for CVE-2008-3105

ubuntucve2 prion2 cve1 nessus16 redhat4 suse1 openvas3 securityvulns1 vmware2 f52 gentoo1 ibm1