CVE-2008-3104

Published: Jul 9, 2008Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.

Affected (102)

Products: Sun: Jdk, Jre, Sdk

3 products

Configuration A

102 vulnerable

Vulnerable Software	Affected Versions
Sun Jdk	Up to 5.0
Sun Jdk	Up to 6
Sun Jdk	Version 1.5.0 update_12
Sun Jdk	Version 5.0 update_10
Sun Jdk	Version 5.0 update_11
Sun Jdk	Version 5.0 update_12
Sun Jdk	Version 5.0 update_13
Sun Jdk	Version 5.0 update_14
Sun Jdk	Version 5.0 update_1
Sun Jdk	Version 5.0 update_2
Sun Jdk	Version 5.0 update_3
Sun Jdk	Version 5.0 update_4
Sun Jdk	Version 5.0 update_5
Sun Jdk	Version 5.0 update_6
Sun Jdk	Version 5.0 update_7
Sun Jdk	Version 5.0 update_8
Sun Jdk	Version 5.0 update_9
Sun Jdk	Version 6 update_1
Sun Jdk	Version 6 update_2
Sun Jdk	Version 6 update_3
Sun Jdk	Version 6 update_4
Sun Jdk	Version 6 update_5
Sun Jre	Version 1.3.0
Sun Jre	Version 1.3.1
Sun Jre	Version 1.3.1 update16
Sun Jre	Version 1.3.1 update18
Sun Jre	Version 1.3.1 update19
Sun Jre	Version 1.3.1 update20
Sun Jre	Version 1.3.1_02
Sun Jre	Version 1.3.1_03
Sun Jre	Version 1.3.1_04
Sun Jre	Version 1.3.1_05
Sun Jre	Version 1.3.1_06
Sun Jre	Version 1.3.1_07
Sun Jre	Version 1.3.1_08
Sun Jre	Version 1.3.1_09
Sun Jre	Version 1.3.1_10
Sun Jre	Version 1.3.1_11
Sun Jre	Version 1.3.1_12
Sun Jre	Version 1.3.1_13
Sun Jre	Version 1.3.1_14
Sun Jre	Version 1.3.1_15
Sun Jre	Version 1.3.1_17
Sun Jre	Version 1.3.1_21
Sun Jre	Version 1.3.1_22
Sun Jre	Version 1.4.2_10
Sun Jre	Version 1.4.2_11
Sun Jre	Version 1.4.2_12
Sun Jre	Version 1.4.2_13
Sun Jre	Version 1.4.2_14
Sun Jre	Version 1.4.2_15
Sun Jre	Version 1.4.2_16
Sun Jre	Version 1.4.2_17
Sun Jre	Version 1.4.2_1
Sun Jre	Version 1.4.2_2
Sun Jre	Version 1.4.2_3
Sun Jre	Version 1.4.2_4
Sun Jre	Version 1.4.2_5
Sun Jre	Version 1.4.2_6
Sun Jre	Version 1.4.2_7
Sun Jre	Version 1.4.2_8
Sun Jre	Version 1.4.2_9
Sun Sdk	Version 1.3.0
Sun Sdk	Version 1.3.1_01
Sun Sdk	Version 1.3.1_02
Sun Sdk	Version 1.3.1_03
Sun Sdk	Version 1.3.1_04
Sun Sdk	Version 1.3.1_05
Sun Sdk	Version 1.3.1_06
Sun Sdk	Version 1.3.1_07
Sun Sdk	Version 1.3.1_08
Sun Sdk	Version 1.3.1_09
Sun Sdk	Version 1.3.1_10
Sun Sdk	Version 1.3.1_11
Sun Sdk	Version 1.3.1_12
Sun Sdk	Version 1.3.1_13
Sun Sdk	Version 1.3.1_14
Sun Sdk	Version 1.3.1_15
Sun Sdk	Version 1.3.1_16
Sun Sdk	Version 1.3.1_17
Sun Sdk	Version 1.3.1_18
Sun Sdk	Version 1.3.1_19
Sun Sdk	Version 1.3.1_20
Sun Sdk	Version 1.3.1_21
Sun Sdk	Version 1.3.1_22
Sun Sdk	Version 1.4.2
Sun Sdk	Version 1.4.2_01
Sun Sdk	Version 1.4.2_02
Sun Sdk	Version 1.4.2_03
Sun Sdk	Version 1.4.2_04
Sun Sdk	Version 1.4.2_05
Sun Sdk	Version 1.4.2_06
Sun Sdk	Version 1.4.2_07
Sun Sdk	Version 1.4.2_08
Sun Sdk	Version 1.4.2_09
Sun Sdk	Version 1.4.2_10
Sun Sdk	Version 1.4.2_11
Sun Sdk	Version 1.4.2_12
Sun Sdk	Version 1.4.2_13
Sun Sdk	Version 1.4.2_14
Sun Sdk	Version 1.4.2_15
Sun Sdk	Version 1.4.2_16

Related CWEs

CWE-264

References (98)

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=122331139823057&w=2

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2008-0955.html

Source: cve@mitre.org

http://secunia.com/advisories/31010

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/31055

Source: cve@mitre.org

http://secunia.com/advisories/31269

Source: cve@mitre.org

http://secunia.com/advisories/31320

Source: cve@mitre.org

http://secunia.com/advisories/31497

Source: cve@mitre.org

http://secunia.com/advisories/31600

Source: cve@mitre.org

http://secunia.com/advisories/31736

Source: cve@mitre.org

http://secunia.com/advisories/32018

Source: cve@mitre.org

http://secunia.com/advisories/32179

Source: cve@mitre.org

http://secunia.com/advisories/32180

Source: cve@mitre.org

http://secunia.com/advisories/32436

Source: cve@mitre.org

http://secunia.com/advisories/32826

Source: cve@mitre.org

http://secunia.com/advisories/33194

Source: cve@mitre.org

http://secunia.com/advisories/33236

Source: cve@mitre.org

http://secunia.com/advisories/33237

Source: cve@mitre.org

http://secunia.com/advisories/33238

Source: cve@mitre.org

http://secunia.com/advisories/35065

Source: cve@mitre.org

http://secunia.com/advisories/37386

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200911-02.xml

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1

Source: cve@mitre.org

Patch

http://support.apple.com/kb/HT3178

Source: cve@mitre.org

http://support.apple.com/kb/HT3179

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0594.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0595.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0790.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0906.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-1043.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-1044.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-1045.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/497041/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/30140

Source: cve@mitre.org

http://www.securitytracker.com/id?1020459

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA08-193A.html

Source: cve@mitre.org

US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0016.html

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2056/references

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2740

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/43662

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9565

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html