Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3107

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-3107
Last Modified 07 Mar 2011 10:10:13
Published 09 Jul 2008 07:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3107

Summary

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Vulnerable Systems

Application

  • Sun Jdk 5.0

  • Sun Jdk 6

  • Sun Jre 1.4.2

  • Sun Jre 1.4.2 01

  • Sun Jre 1.4.2 02

  • Sun Jre 1.4.2 03

  • Sun Jre 1.4.2 04

  • Sun Jre 1.4.2 05

  • Sun Jre 1.4.2 06

  • Sun Jre 1.4.2 07

  • Sun Jre 1.4.2 16

  • Sun Jre 1.4.2 17

  • Sun Jre 5.0

  • Sun Jre 6

  • Sun Sdk 1.4.2 02

  • Sun Sdk 1.4.2 03

  • Sun Sdk 1.4.2 04

  • Sun Sdk 1.4.2 05

  • Sun Sdk 1.4.2 06

  • Sun Sdk 1.4.2 07

  • Sun Sdk 1.4.2 08

  • Sun Sdk 1.4.2 09

  • Sun Sdk 1.4.2 10

  • Sun Sdk 1.4.2 11

  • Sun Sdk 1.4.2 12

  • Sun Sdk 1.4.2 13

  • Sun Sdk 1.4.2 14

  • Sun Sdk 1.4.2 15

  • Sun Sdk 1.4.2 16

  • Sun Sdk 1.4.2 17


References

CERT - TA08-193A

XF - sun-virtualmachine-unauth-access(43659)

VUPEN - ADV-2008-2740

VUPEN - ADV-2008-2056

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0016.html

SECTRACK - 1020455

BID - 30141

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

REDHAT - RHSA-2008:0595

REDHAT - RHSA-2008:0594

CONFIRM - http://support.apple.com/kb/HT3179

CONFIRM - http://support.apple.com/kb/HT3178

SUNALERT - 238967

GENTOO - GLSA-200911-02

SECUNIA - 37386

SECUNIA - 32180

SECUNIA - 32179

SECUNIA - 32018

SECUNIA - 31600

SECUNIA - 31497

SECUNIA - 31055

SECUNIA - 31010

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and

SUSE - SUSE-SA:2008:042

APPLE - APPLE-SA-2008-09-24

Related Patches

Apple 2008-09-24 Java for Mac OS X 10.4 Release 7

Novell SUSE 2008:5431 java-1_4_2-sun security update for SLE 10 i586


Last Updated: 27 May 2016 10:48:04