Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3104

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-3104
Last Modified 29 Oct 2012 11:13:32
Published 09 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3104

Summary

Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.

Vulnerable Systems

Application

  • Sun Jdk 1.5.0

  • Sun Jdk 5.0

  • Sun Jdk 6

  • Sun Jre 1.3.0

  • Sun Jre 1.3.1

  • Sun Jre 1.3.1 02

  • Sun Jre 1.3.1 03

  • Sun Jre 1.3.1 04

  • Sun Jre 1.3.1 05

  • Sun Jre 1.3.1 06

  • Sun Jre 1.3.1 07

  • Sun Jre 1.3.1 08

  • Sun Jre 1.3.1 09

  • Sun Jre 1.3.1 10

  • Sun Jre 1.3.1 11

  • Sun Jre 1.3.1 12

  • Sun Jre 1.3.1 13

  • Sun Jre 1.3.1 14

  • Sun Jre 1.3.1 15

  • Sun Jre 1.3.1 17

  • Sun Jre 1.3.1 21

  • Sun Jre 1.3.1 22

  • Sun Jre 1.4.2

  • Sun Jre 1.4.2 16

  • Sun Jre 1.4.2 17

  • Sun Sdk 1.3.0

  • Sun Sdk 1.3.1 01

  • Sun Sdk 1.3.1 02

  • Sun Sdk 1.3.1 03

  • Sun Sdk 1.3.1 04

  • Sun Sdk 1.3.1 05

  • Sun Sdk 1.3.1 06

  • Sun Sdk 1.3.1 07

  • Sun Sdk 1.3.1 08

  • Sun Sdk 1.3.1 09

  • Sun Sdk 1.3.1 10

  • Sun Sdk 1.3.1 11

  • Sun Sdk 1.3.1 12

  • Sun Sdk 1.3.1 13

  • Sun Sdk 1.3.1 14

  • Sun Sdk 1.3.1 15

  • Sun Sdk 1.3.1 16

  • Sun Sdk 1.3.1 17

  • Sun Sdk 1.3.1 18

  • Sun Sdk 1.3.1 19

  • Sun Sdk 1.3.1 20

  • Sun Sdk 1.3.1 21

  • Sun Sdk 1.3.1 22

  • Sun Sdk 1.4.2

  • Sun Sdk 1.4.2 01

  • Sun Sdk 1.4.2 02

  • Sun Sdk 1.4.2 03

  • Sun Sdk 1.4.2 04

  • Sun Sdk 1.4.2 05

  • Sun Sdk 1.4.2 06

  • Sun Sdk 1.4.2 07

  • Sun Sdk 1.4.2 08

  • Sun Sdk 1.4.2 09

  • Sun Sdk 1.4.2 10

  • Sun Sdk 1.4.2 11

  • Sun Sdk 1.4.2 12

  • Sun Sdk 1.4.2 13

  • Sun Sdk 1.4.2 14

  • Sun Sdk 1.4.2 15

  • Sun Sdk 1.4.2 16


References

CERT - TA08-193A

SUNALERT - 238968

SECUNIA - 31010

XF - sun-jre-unspecified-security-bypass(43662)

VUPEN - ADV-2008-2740

VUPEN - ADV-2008-2056

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0016.html

SECTRACK - 1020459

BID - 30140

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

REDHAT - RHSA-2008:1045

REDHAT - RHSA-2008:1044

REDHAT - RHSA-2008:1043

REDHAT - RHSA-2008:0906

REDHAT - RHSA-2008:0790

REDHAT - RHSA-2008:0595

REDHAT - RHSA-2008:0594

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm

CONFIRM - http://support.apple.com/kb/HT3179

CONFIRM - http://support.apple.com/kb/HT3178

GENTOO - GLSA-200911-02

SECUNIA - 37386

SECUNIA - 35065

SECUNIA - 33238

SECUNIA - 33237

SECUNIA - 33236

SECUNIA - 33194

SECUNIA - 32826

SECUNIA - 32436

SECUNIA - 32180

SECUNIA - 32179

SECUNIA - 32018

SECUNIA - 31600

SECUNIA - 31497

SECUNIA - 31320

SECUNIA - 31269

SECUNIA - 31055

REDHAT - RHSA-2008:0955

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and

SUSE - SUSE-SR:2009:010

SUSE - SUSE-SR:2008:028

SUSE - SUSE-SA:2008:045

SUSE - SUSE-SA:2008:043

SUSE - SUSE-SA:2008:042

APPLE - APPLE-SA-2008-09-24

SECUNIA - 31736

Related Patches

Apple 2008-09-24 Java for Mac OS X 10.4 Release 7

Novell SUSE 2008:5431 java-1_4_2-sun security update for SLE 10 i586


Last Updated: 27 May 2016 10:47:14