Lucene search

[email protected]NVD:CVE-2008-3107

HistoryJul 09, 2008 - 11:41 p.m.

CVE-2008-3107

2008-07-0923:41:00

CWE-264

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.6 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.4%

JSON

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or © execute local programs.

Affected configurations

NVD

Node

sunjdkRange≤5.0update_15

sunjdkRange≤6update_6

sunjdkMatch5.0update_1

sunjdkMatch5.0update_10

sunjdkMatch5.0update_11

sunjdkMatch5.0update_12

sunjdkMatch5.0update_13

sunjdkMatch5.0update_14

sunjdkMatch5.0update_2

sunjdkMatch5.0update_3

sunjdkMatch5.0update_4

sunjdkMatch5.0update_5

sunjdkMatch5.0update_6

sunjdkMatch5.0update_7

sunjdkMatch5.0update_8

sunjdkMatch5.0update_9

sunjdkMatch6update_1

sunjdkMatch6update_2

sunjdkMatch6update_3

sunjdkMatch6update_4

sunjdkMatch6update_5

sunjreRange≤1.4.2_17

sunjreRange≤5.0update_15

sunjreRange≤6update_6

sunjreMatch1.4.2

sunjreMatch1.4.2_01

sunjreMatch1.4.2_02

sunjreMatch1.4.2_03

sunjreMatch1.4.2_3

sunjreMatch1.4.2_04

sunjreMatch1.4.2_05

sunjreMatch1.4.2_06

sunjreMatch1.4.2_07

sunjreMatch1.4.2_8

sunjreMatch1.4.2_9

sunjreMatch1.4.2_10

sunjreMatch1.4.2_11

sunjreMatch1.4.2_12

sunjreMatch1.4.2_13

sunjreMatch1.4.2_14

sunjreMatch1.4.2_15

sunjreMatch1.4.2_16

sunjreMatch5.0update_1

sunjreMatch5.0update_10

sunjreMatch5.0update_11

sunjreMatch5.0update_12

sunjreMatch5.0update_13

sunjreMatch5.0update_14

sunjreMatch5.0update_2

sunjreMatch5.0update_3

sunjreMatch5.0update_4

sunjreMatch5.0update_5

sunjreMatch5.0update_6

sunjreMatch5.0update_7

sunjreMatch5.0update_8

sunjreMatch5.0update_9

sunjreMatch6update_1

sunjreMatch6update_2

sunjreMatch6update_3

sunjreMatch6update_4

sunjreMatch6update_5

sunsdkRange≤1.4.2_17

sunsdkMatch1.4.2_02

sunsdkMatch1.4.2_03

sunsdkMatch1.4.2_04

sunsdkMatch1.4.2_05

sunsdkMatch1.4.2_06

sunsdkMatch1.4.2_07

sunsdkMatch1.4.2_08

sunsdkMatch1.4.2_09

sunsdkMatch1.4.2_10

sunsdkMatch1.4.2_11

sunsdkMatch1.4.2_12

sunsdkMatch1.4.2_13

sunsdkMatch1.4.2_14

sunsdkMatch1.4.2_15

sunsdkMatch1.4.2_16

References

lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

marc.info/?l=bugtraq&m=122331139823057&w=2

secunia.com/advisories/31010

secunia.com/advisories/31055

secunia.com/advisories/31497

secunia.com/advisories/31600

secunia.com/advisories/32018

secunia.com/advisories/32179

secunia.com/advisories/32180

secunia.com/advisories/37386

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1

support.apple.com/kb/HT3178

support.apple.com/kb/HT3179

www.redhat.com/support/errata/RHSA-2008-0594.html

www.redhat.com/support/errata/RHSA-2008-0595.html

www.securityfocus.com/archive/1/497041/100/0/threaded

www.securityfocus.com/bid/30141

www.securitytracker.com/id?1020455

www.us-cert.gov/cas/techalerts/TA08-193A.html

www.vmware.com/security/advisories/VMSA-2008-0016.html

www.vupen.com/english/advisories/2008/2056/references

www.vupen.com/english/advisories/2008/2740

exchange.xforce.ibmcloud.com/vulnerabilities/43659

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.6 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.4%

JSON

Related for NVD:CVE-2008-3107

cve1 ubuntucve1 cvelist1 prion1 redhat3 nessus22 openvas7 suse1 vmware2 securityvulns1 gentoo1