CVE-2008-3109

Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
References
Link Resource
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238687-1 Patch
http://www.securityfocus.com/bid/30144
http://secunia.com/advisories/31010 Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://www.redhat.com/support/errata/RHSA-2008-0594.html
http://secunia.com/advisories/31600
http://www.us-cert.gov/cas/techalerts/TA08-193A.html US Government Resource
http://support.apple.com/kb/HT3179
http://secunia.com/advisories/32018
http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://secunia.com/advisories/32180
http://secunia.com/advisories/32179
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/32436
http://www.securitytracker.com/id?1020456
http://www.redhat.com/support/errata/RHSA-2008-1045.html
http://secunia.com/advisories/33238
http://www.redhat.com/support/errata/RHSA-2008-0906.html
http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://secunia.com/advisories/37386
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabilities/43660
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8540
http://www.securityfocus.com/archive/1/497041/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*

Information

Published : 2008-07-09 11:41

Updated : 2018-10-11 08:46


NVD link : CVE-2008-3109

Mitre link : CVE-2008-3109

Products Affected
No products.
CWE