CVE-2008-3106

Published: Jul 9, 2008Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.

Affected (42)

Products: Sun: Jdk, Jre

Sun

2 products

Jdk

Jre

Configuration A

42 vulnerable

Vulnerable Software	Affected Versions
Sun Jdk	Up to 5.0
Sun Jdk	Up to 6
Sun Jdk	Version 5.0 update_10
Sun Jdk	Version 5.0 update_11
Sun Jdk	Version 5.0 update_12
Sun Jdk	Version 5.0 update_13
Sun Jdk	Version 5.0 update_14
Sun Jdk	Version 5.0 update_1
Sun Jdk	Version 5.0 update_2
Sun Jdk	Version 5.0 update_3
Sun Jdk	Version 5.0 update_4
Sun Jdk	Version 5.0 update_5
Sun Jdk	Version 5.0 update_6
Sun Jdk	Version 5.0 update_7
Sun Jdk	Version 5.0 update_8
Sun Jdk	Version 5.0 update_9
Sun Jdk	Version 6 update_1
Sun Jdk	Version 6 update_2
Sun Jdk	Version 6 update_3
Sun Jdk	Version 6 update_4
Sun Jdk	Version 6 update_5
Sun Jre	Up to 5.0
Sun Jre	Up to 6
Sun Jre	Version 5.0 update_10
Sun Jre	Version 5.0 update_11
Sun Jre	Version 5.0 update_12
Sun Jre	Version 5.0 update_13
Sun Jre	Version 5.0 update_14
Sun Jre	Version 5.0 update_1
Sun Jre	Version 5.0 update_2
Sun Jre	Version 5.0 update_3
Sun Jre	Version 5.0 update_4
Sun Jre	Version 5.0 update_5
Sun Jre	Version 5.0 update_6
Sun Jre	Version 5.0 update_7
Sun Jre	Version 5.0 update_8
Sun Jre	Version 5.0 update_9
Sun Jre	Version 6 update_1
Sun Jre	Version 6 update_2
Sun Jre	Version 6 update_3
Sun Jre	Version 6 update_4
Sun Jre	Version 6 update_5

Related CWEs

CWE-264

References (80)

http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=122331139823057&w=2

Source: cve@mitre.org

http://secunia.com/advisories/31010

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/31320

Source: cve@mitre.org

http://secunia.com/advisories/31497

Source: cve@mitre.org

http://secunia.com/advisories/31600

Source: cve@mitre.org

http://secunia.com/advisories/31736

Source: cve@mitre.org

http://secunia.com/advisories/32018

Source: cve@mitre.org

http://secunia.com/advisories/32179

Source: cve@mitre.org

http://secunia.com/advisories/32180

Source: cve@mitre.org

http://secunia.com/advisories/32436

Source: cve@mitre.org

http://secunia.com/advisories/33237

Source: cve@mitre.org

http://secunia.com/advisories/33238

Source: cve@mitre.org

http://secunia.com/advisories/37386

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200911-02.xml

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1

Source: cve@mitre.org

http://support.apple.com/kb/HT3179

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm

Source: cve@mitre.org

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014

Source: cve@mitre.org

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0594.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0790.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0906.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-1044.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-1045.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/497041/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/30143

Source: cve@mitre.org

http://www.securitytracker.com/id?1020457

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA08-193A.html

Source: cve@mitre.org

US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0016.html

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2056/references

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2740

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/43658

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html