CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
93.5%
Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.
Vendor | Product | Version | CPE |
---|---|---|---|
sun | jdk | * | cpe:2.3:a:sun:jdk:*:update_15:*:*:*:*:*:* |
sun | jdk | * | cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:* |
sun | jdk | 5.0 | cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:* |
sun | jdk | 5.0 | cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:* |
sun | jdk | 5.0 | cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:* |
sun | jdk | 5.0 | cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:* |
sun | jdk | 5.0 | cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:* |
sun | jdk | 5.0 | cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:* |
sun | jdk | 5.0 | cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:* |
sun | jdk | 5.0 | cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:* |
lists.apple.com/archives/security-announce//2008/Sep/msg00007.html
lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html
lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html
marc.info/?l=bugtraq&m=122331139823057&w=2
secunia.com/advisories/31010
secunia.com/advisories/31320
secunia.com/advisories/31497
secunia.com/advisories/31600
secunia.com/advisories/31736
secunia.com/advisories/32018
secunia.com/advisories/32179
secunia.com/advisories/32180
secunia.com/advisories/32436
secunia.com/advisories/33237
secunia.com/advisories/33238
secunia.com/advisories/37386
security.gentoo.org/glsa/glsa-200911-02.xml
sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1
support.apple.com/kb/HT3179
support.avaya.com/elmodocs2/security/ASA-2008-299.htm
support.avaya.com/elmodocs2/security/ASA-2008-428.htm
support.avaya.com/elmodocs2/security/ASA-2008-507.htm
support.avaya.com/elmodocs2/security/ASA-2008-509.htm
support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014
support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717
www.redhat.com/support/errata/RHSA-2008-0594.html
www.redhat.com/support/errata/RHSA-2008-0790.html
www.redhat.com/support/errata/RHSA-2008-0906.html
www.redhat.com/support/errata/RHSA-2008-1044.html
www.redhat.com/support/errata/RHSA-2008-1045.html
www.securityfocus.com/archive/1/497041/100/0/threaded
www.securityfocus.com/bid/30143
www.securitytracker.com/id?1020457
www.us-cert.gov/cas/techalerts/TA08-193A.html
www.vmware.com/security/advisories/VMSA-2008-0016.html
www.vupen.com/english/advisories/2008/2056/references
www.vupen.com/english/advisories/2008/2740
exchange.xforce.ibmcloud.com/vulnerabilities/43658
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866