fkie_cve-2008-3107
Vulnerability from fkie_nvd
Published
2008-07-09 23:41
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
References
cve@mitre.orghttp://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=122331139823057&w=2
cve@mitre.orghttp://secunia.com/advisories/31010Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31055
cve@mitre.orghttp://secunia.com/advisories/31497
cve@mitre.orghttp://secunia.com/advisories/31600
cve@mitre.orghttp://secunia.com/advisories/32018
cve@mitre.orghttp://secunia.com/advisories/32179
cve@mitre.orghttp://secunia.com/advisories/32180
cve@mitre.orghttp://secunia.com/advisories/37386
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200911-02.xml
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1
cve@mitre.orghttp://support.apple.com/kb/HT3178
cve@mitre.orghttp://support.apple.com/kb/HT3179
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0594.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0595.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/497041/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/30141
cve@mitre.orghttp://www.securitytracker.com/id?1020455
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA08-193A.htmlUS Government Resource
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0016.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2056/references
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2740
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/43659
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122331139823057&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31010Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31055
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31497
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31600
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32018
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32179
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32180
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37386
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200911-02.xml
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3178
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3179
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0594.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0595.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/497041/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30141
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020455
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-193A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0016.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2056/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2740
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/43659
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219
Impacted products
Vendor Product Version
sun jdk *
sun jdk *
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jre *
sun jre *
sun jre *
sun jre 1.4.2
sun jre 1.4.2_01
sun jre 1.4.2_02
sun jre 1.4.2_03
sun jre 1.4.2_3
sun jre 1.4.2_04
sun jre 1.4.2_05
sun jre 1.4.2_06
sun jre 1.4.2_07
sun jre 1.4.2_8
sun jre 1.4.2_9
sun jre 1.4.2_10
sun jre 1.4.2_11
sun jre 1.4.2_12
sun jre 1.4.2_13
sun jre 1.4.2_14
sun jre 1.4.2_15
sun jre 1.4.2_16
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun sdk *
sun sdk 1.4.2_02
sun sdk 1.4.2_03
sun sdk 1.4.2_04
sun sdk 1.4.2_05
sun sdk 1.4.2_06
sun sdk 1.4.2_07
sun sdk 1.4.2_08
sun sdk 1.4.2_09
sun sdk 1.4.2_10
sun sdk 1.4.2_11
sun sdk 1.4.2_12
sun sdk 1.4.2_13
sun sdk 1.4.2_14
sun sdk 1.4.2_15
sun sdk 1.4.2_16


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:jdk:*:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "7E7CD268-A083-43B5-80B7-B7837202CF29",
              "versionEndIncluding": "5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "94A87B01-2F20-4E1C-8572-395A96C35D79",
              "versionEndIncluding": "6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "6BB00A29-FEBB-4139-9E96-691EC1410EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "DD8CC179-F76E-4CC2-9CBD-69CBBA5BD532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "C2DC7389-9697-4EF0-9C4E-153731CDD75D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "C5F476C8-5466-4E6B-B73B-4ACFBB02AD5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "D8C7C8C1-AA0D-4BD9-A8EC-85BBE627DE13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "BAF0844B-ECB1-4AF0-AA32-1B8789AC5042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "25322D24-C5D9-43A6-87CC-1BF7FA6A3E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "400FDCDE-16DE-4BD6-81E2-4A5DA12E99CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "82C49C78-ACE3-407D-AE21-EA180633C437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "5F91F8A2-D473-48DC-81DA-21291DE7B6E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "3E46B3B4-9E1C-4C87-A4CD-C4CE7FBCA7F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "0F69C703-8541-4AA8-A66A-0292E0FCB749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "99E08AB2-49AD-42C6-967F-773F2C6E188A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "9459F130-A3DD-4A4E-9582-4FB82619EB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "9C9F6EA8-6A88-4485-89A3-0FDF84AB51DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "67E0818A-3675-4293-89FE-5001E36C0F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "95112B98-B6B2-43FA-BF76-F518649CF3BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "3A18341A-3688-48E7-95AD-283EC9C95B4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "E301C59A-47F5-4861-9091-D0002CBA5B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D4DE93-903F-48E3-9009-EF6470F8E87C",
              "versionEndIncluding": "1.4.2_17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:*:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "DF9D8657-A633-45A1-AADE-30474E03C2FC",
              "versionEndIncluding": "5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:*:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "2A1D1D91-B29F-4335-A7DA-FF988F626907",
              "versionEndIncluding": "6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_01:*:*:*:*:*:*:*",
              "matchCriteriaId": "27A472AF-049D-4D63-841C-1EF737E8D64D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_02:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB48B161-C239-4BB5-8667-7ACA5A5437F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_03:*:*:*:*:*:*:*",
              "matchCriteriaId": "83629616-1814-4858-B09F-79BEA82D6F55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_04:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E8F351-F900-436E-A726-55AE31FBF832",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_05:*:*:*:*:*:*:*",
              "matchCriteriaId": "F76B79C6-ADD0-4992-A4BD-423A0AD38714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_06:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBFD41B5-6E33-4B00-81E8-9D91B0A03BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_07:*:*:*:*:*:*:*",
              "matchCriteriaId": "685D3F7F-30B9-4EB8-90FC-66A2A067A510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
              "matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
              "matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C660DE4-543A-4E9B-825D-CD099D08CBD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
              "matchCriteriaId": "98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
              "matchCriteriaId": "318719C9-7B01-4021-B2EF-8341254DFE6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "2A2379FC-BC33-4C90-97DD-ED3723172008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "86A1256D-7A34-4FDD-9536-82FD6497A712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "3BB5E47A-8C17-4995-9EF8-01BFA0B702B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "9300FA38-C234-4BD8-ADB6-D2A29EBA81DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "C87F6EE3-F66B-4F15-89BA-26A4D3AD2556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "56F0F497-6586-408B-80AF-6BC2B9909397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "D594E269-D722-45FC-B390-B0D38ADEC923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "3CAA89D6-651A-4B8C-A134-C3A2CB84002A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "B930EAFB-F2E6-4FCA-A21B-022656396A2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "4B20EB5F-D12A-4267-9887-C39A188EB9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "52347FDC-9983-4A64-8031-B4A50DDC9BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "C95654B3-ACA0-4B0D-9F31-B9C5FB7B9C96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "8387A041-582A-4010-9C44-672090F41A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "D1F2D335-CDDF-4D2E-80CA-F1A0AF92501A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "0F98D2BD-2AC1-4C4C-8A10-71093DCBC4E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "CDC09958-5286-4C16-AB6F-63B4BDD902B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "BDE1E9E9-85EF-4ACA-902B-00225EB4324F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "E0CDBFCB-42EA-4F19-A98D-7696B0D526CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "53DCFF2A-77A7-41DB-A712-9B6D1FD2574A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D0F887-8AD6-42B1-8ED6-8E7135690270",
              "versionEndIncluding": "1.4.2_17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF4E34FD-D927-42BB-8A16-031D77CB4B9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A3D49A-BE20-47BF-A85F-122357BAB098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*",
              "matchCriteriaId": "F45DB5D3-7F35-4531-9A82-24EB50034787",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*",
              "matchCriteriaId": "4695F707-12E8-4BA4-BBE1-C21CB7213A2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*",
              "matchCriteriaId": "C918FB49-DA13-4326-BE86-6F6BEA4CE4E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*",
              "matchCriteriaId": "5573CAD1-39D1-4ADB-BB95-EBB554B43B4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD02EBDF-6E51-4538-9EDD-B1DE914D09C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C3C0E3-5F40-412B-A4AD-A7A291DE2A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
              "matchCriteriaId": "36888382-79C8-4C97-A654-C668CD68556F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F34C99E6-F9F0-4EF3-8601-B47EAE3D7273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74DD08D-CEDB-460E-BED5-78F6CAF18BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F64FBC-DC97-4FE3-A235-18B87945AF7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*",
              "matchCriteriaId": "85048406-9051-4E69-94A8-5C449F3B89E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1C88DD7-0B46-4405-BD35-60D27E2DBA14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la M\u00e1quina Virtual de Sun Java Runtime Environment (JRE), JDK y JRE 6 antes de Update 7, JDK y JRE 5.0 antes de Update 16, y SDK y JRE 1.4.x antes de 1.4.2_18 permite a atacantes dependientes del contexto obtener privilegios mediante (1) una aplicaci\u00f3n o (2) un applet que no son de confianza, como se demostr\u00f3 con una aplicaci\u00f3n o un applet que se garantiza privilegios para (a) leer archivos locales, (b) escribir en archivos locales, o (c) ejecutar programas locales."
    }
  ],
  "id": "CVE-2008-3107",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-07-09T23:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31010"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31055"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31497"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31600"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32018"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32179"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32180"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3178"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3179"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/30141"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020455"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2056/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2740"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31600"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2056/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.