CVE-2008-3107

2008-07-0923:41:00

NVD-CWE-noinfo

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-3107

unspecified vulnerability

sun java runtime environment

jdk

jre

sdk

nvd

cve

6.4 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.4%

JSON

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or © execute local programs.

CPENameOperatorVersion
sun:jdksun jdkeq5.0
sun:jresun jreeq1.4.2_16
sun:jresun jreeq5.0
sun:jresun jreeq1.4.2_01
sun:sdksun sdkeq1.4.2_10
sun:sdksun sdkeq1.4.2_12
sun:jresun jreeq6
sun:jresun jreeq1.4.2_03
sun:sdksun sdkeq1.4.2_14
sun:jresun jreeq1.4.2_15

CPE	Name	Operator	Version
sun:jdk	sun jdk	eq	5.0
sun:jre	sun jre	eq	1.4.2_16
sun:jre	sun jre	eq	5.0
sun:jre	sun jre	eq	1.4.2_01
sun:sdk	sun sdk	eq	1.4.2_10
sun:sdk	sun sdk	eq	1.4.2_12
sun:jre	sun jre	eq	6
sun:jre	sun jre	eq	1.4.2_03
sun:sdk	sun sdk	eq	1.4.2_14
sun:jre	sun jre	eq	1.4.2_15