CVE-2008-3109

Published: Jul 9, 2008Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Affected (12)

Products: Sun: Jdk, Jre

2 products

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Sun Jdk	Up to 6
Sun Jdk	Version 6 update_1
Sun Jdk	Version 6 update_2
Sun Jdk	Version 6 update_3
Sun Jdk	Version 6 update_4
Sun Jdk	Version 6 update_5
Sun Jre	Up to 6
Sun Jre	Version 6 update_1
Sun Jre	Version 6 update_2
Sun Jre	Version 6 update_3
Sun Jre	Version 6 update_4
Sun Jre	Version 6 update_5

Related CWEs

References (56)

http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=122331139823057&w=2

Source: cve@mitre.org

http://secunia.com/advisories/31010

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/31600

Source: cve@mitre.org

http://secunia.com/advisories/32018

Source: cve@mitre.org

http://secunia.com/advisories/32179

Source: cve@mitre.org

http://secunia.com/advisories/32180

Source: cve@mitre.org

http://secunia.com/advisories/32436

Source: cve@mitre.org

http://secunia.com/advisories/33238

Source: cve@mitre.org

http://secunia.com/advisories/37386

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200911-02.xml

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-238687-1

Source: cve@mitre.org

Patch

http://support.apple.com/kb/HT3179

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0594.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0906.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-1045.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/497041/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/30144

Source: cve@mitre.org

http://www.securitytracker.com/id?1020456

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA08-193A.html

Source: cve@mitre.org

US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0016.html

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2056/references

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2740

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/43660

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8540

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=122331139823057&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/31010

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/31600

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32018

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32179

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32180

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32436

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/33238

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/37386

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200911-02.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-66-238687-1

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://support.apple.com/kb/HT3179

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-0594.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-0906.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-1045.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/497041/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/30144

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1020456

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA08-193A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0016.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/2056/references

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/2740

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/43660

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8540

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.