Lucene search

[email protected]NVD:CVE-2008-3104

HistoryJul 09, 2008 - 11:41 p.m.

CVE-2008-3104

2008-07-0923:41:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

High

EPSS

0.036

Percentile

91.7%

JSON

Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet’s outbound connections by connecting to localhost services running on the machine that loaded the applet.

Affected configurations

Nvd

Node

sunjdkRange≤5.0update_15

sunjdkRange≤6update_6

sunjdkMatch1.5.0update_12

sunjdkMatch5.0update_1

sunjdkMatch5.0update_10

sunjdkMatch5.0update_11

sunjdkMatch5.0update_12

sunjdkMatch5.0update_13

sunjdkMatch5.0update_14

sunjdkMatch5.0update_2

sunjdkMatch5.0update_3

sunjdkMatch5.0update_4

sunjdkMatch5.0update_5

sunjdkMatch5.0update_6

sunjdkMatch5.0update_7

sunjdkMatch5.0update_8

sunjdkMatch5.0update_9

sunjdkMatch6update_1

sunjdkMatch6update_2

sunjdkMatch6update_3

sunjdkMatch6update_4

sunjdkMatch6update_5

sunjreMatch1.3.0

sunjreMatch1.3.1

sunjreMatch1.3.1update16

sunjreMatch1.3.1update18

sunjreMatch1.3.1update19

sunjreMatch1.3.1update20

sunjreMatch1.3.1_02

sunjreMatch1.3.1_03

sunjreMatch1.3.1_04

sunjreMatch1.3.1_05

sunjreMatch1.3.1_06

sunjreMatch1.3.1_07

sunjreMatch1.3.1_08

sunjreMatch1.3.1_09

sunjreMatch1.3.1_10

sunjreMatch1.3.1_11

sunjreMatch1.3.1_12

sunjreMatch1.3.1_13

sunjreMatch1.3.1_14

sunjreMatch1.3.1_15

sunjreMatch1.3.1_17

sunjreMatch1.3.1_21

sunjreMatch1.3.1_22

sunjreMatch1.4.2_1

sunjreMatch1.4.2_2

sunjreMatch1.4.2_3

sunjreMatch1.4.2_4

sunjreMatch1.4.2_5

sunjreMatch1.4.2_6

sunjreMatch1.4.2_7

sunjreMatch1.4.2_8

sunjreMatch1.4.2_9

sunjreMatch1.4.2_10

sunjreMatch1.4.2_11

sunjreMatch1.4.2_12

sunjreMatch1.4.2_13

sunjreMatch1.4.2_14

sunjreMatch1.4.2_15

sunjreMatch1.4.2_16

sunjreMatch1.4.2_17

sunsdkMatch1.3.0

sunsdkMatch1.3.1_01

sunsdkMatch1.3.1_02

sunsdkMatch1.3.1_03

sunsdkMatch1.3.1_04

sunsdkMatch1.3.1_05

sunsdkMatch1.3.1_06

sunsdkMatch1.3.1_07

sunsdkMatch1.3.1_08

sunsdkMatch1.3.1_09

sunsdkMatch1.3.1_10

sunsdkMatch1.3.1_11

sunsdkMatch1.3.1_12

sunsdkMatch1.3.1_13

sunsdkMatch1.3.1_14

sunsdkMatch1.3.1_15

sunsdkMatch1.3.1_16

sunsdkMatch1.3.1_17

sunsdkMatch1.3.1_18

sunsdkMatch1.3.1_19

sunsdkMatch1.3.1_20

sunsdkMatch1.3.1_21

sunsdkMatch1.3.1_22

sunsdkMatch1.4.2

sunsdkMatch1.4.2_01

sunsdkMatch1.4.2_02

sunsdkMatch1.4.2_03

sunsdkMatch1.4.2_04

sunsdkMatch1.4.2_05

sunsdkMatch1.4.2_06

sunsdkMatch1.4.2_07

sunsdkMatch1.4.2_08

sunsdkMatch1.4.2_09

sunsdkMatch1.4.2_10

sunsdkMatch1.4.2_11

sunsdkMatch1.4.2_12

sunsdkMatch1.4.2_13

sunsdkMatch1.4.2_14

sunsdkMatch1.4.2_15

sunsdkMatch1.4.2_16

VendorProductVersionCPE
sunjdk*cpe:2.3:a:sun:jdk:*:update_15:*:*:*:*:*:*
sunjdk*cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update_12:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	jdk	*	cpe:2.3:a:sun:jdk::update_15::::::*
sun	jdk	*	cpe:2.3:a:sun:jdk::update_6::::::*
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:update_12::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_1::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_10::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_11::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_12::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_13::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_14::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_2::::::

Rows per page:

1-10 of 1021

References

lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html

lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html

lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

marc.info/?l=bugtraq&m=122331139823057&w=2

rhn.redhat.com/errata/RHSA-2008-0955.html

secunia.com/advisories/31010

secunia.com/advisories/31055

secunia.com/advisories/31269

secunia.com/advisories/31320

secunia.com/advisories/31497

secunia.com/advisories/31600

secunia.com/advisories/31736

secunia.com/advisories/32018

secunia.com/advisories/32179

secunia.com/advisories/32180

secunia.com/advisories/32436

secunia.com/advisories/32826

secunia.com/advisories/33194

secunia.com/advisories/33236

secunia.com/advisories/33237

secunia.com/advisories/33238

secunia.com/advisories/35065

secunia.com/advisories/37386

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1

support.apple.com/kb/HT3178

support.apple.com/kb/HT3179

support.avaya.com/elmodocs2/security/ASA-2008-428.htm

support.avaya.com/elmodocs2/security/ASA-2008-507.htm

support.avaya.com/elmodocs2/security/ASA-2008-509.htm

www.redhat.com/support/errata/RHSA-2008-0594.html

www.redhat.com/support/errata/RHSA-2008-0595.html

www.redhat.com/support/errata/RHSA-2008-0790.html

www.redhat.com/support/errata/RHSA-2008-0906.html

www.redhat.com/support/errata/RHSA-2008-1043.html

www.redhat.com/support/errata/RHSA-2008-1044.html

www.redhat.com/support/errata/RHSA-2008-1045.html

www.securityfocus.com/archive/1/497041/100/0/threaded

www.securityfocus.com/bid/30140

www.securitytracker.com/id?1020459

www.us-cert.gov/cas/techalerts/TA08-193A.html

www.vmware.com/security/advisories/VMSA-2008-0016.html

www.vupen.com/english/advisories/2008/2056/references

www.vupen.com/english/advisories/2008/2740

exchange.xforce.ibmcloud.com/vulnerabilities/43662

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9565

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

High

EPSS

0.036

Percentile

91.7%

JSON

Related for NVD:CVE-2008-3104

ubuntucve1 cve1 prion1 cvelist1 redhat10 nessus32 openvas20 suse3 securityvulns1 vmware2 gentoo1