Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3108

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-3108
Last Modified 29 Oct 2012 11:13:33
Published 09 Jul 2008 07:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3108

Summary

Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.

Vulnerable Systems

Application

  • Sun Jdk 5.0

  • Sun Jre 1.3.0

  • Sun Jre 1.3.1

  • Sun Jre 1.3.1 02

  • Sun Jre 1.3.1 03

  • Sun Jre 1.3.1 04

  • Sun Jre 1.3.1 05

  • Sun Jre 1.3.1 06

  • Sun Jre 1.3.1 07

  • Sun Jre 1.3.1 08

  • Sun Jre 1.3.1 09

  • Sun Jre 1.3.1 10

  • Sun Jre 1.3.1 11

  • Sun Jre 1.3.1 12

  • Sun Jre 1.3.1 13

  • Sun Jre 1.3.1 14

  • Sun Jre 1.3.1 15

  • Sun Jre 1.3.1 17

  • Sun Jre 1.3.1 21

  • Sun Jre 1.3.1 22

  • Sun Jre 1.4.2

  • Sun Jre 1.4.2 16

  • Sun Jre 1.4.2 17

  • Sun Jre 5.0

  • Sun Sdk 1.3.0

  • Sun Sdk 1.3.1 01

  • Sun Sdk 1.3.1 02

  • Sun Sdk 1.3.1 03

  • Sun Sdk 1.3.1 04

  • Sun Sdk 1.3.1 05

  • Sun Sdk 1.3.1 06

  • Sun Sdk 1.3.1 07

  • Sun Sdk 1.3.1 08

  • Sun Sdk 1.3.1 09

  • Sun Sdk 1.3.1 10

  • Sun Sdk 1.3.1 11

  • Sun Sdk 1.3.1 12

  • Sun Sdk 1.3.1 13

  • Sun Sdk 1.3.1 14

  • Sun Sdk 1.3.1 15

  • Sun Sdk 1.3.1 16

  • Sun Sdk 1.3.1 17

  • Sun Sdk 1.3.1 18

  • Sun Sdk 1.3.1 19

  • Sun Sdk 1.3.1 20

  • Sun Sdk 1.3.1 21

  • Sun Sdk 1.3.1 22

  • Sun Sdk 1.4.2

  • Sun Sdk 1.4.2 01

  • Sun Sdk 1.4.2 02

  • Sun Sdk 1.4.2 03

  • Sun Sdk 1.4.2 04

  • Sun Sdk 1.4.2 05

  • Sun Sdk 1.4.2 06

  • Sun Sdk 1.4.2 07

  • Sun Sdk 1.4.2 08

  • Sun Sdk 1.4.2 09

  • Sun Sdk 1.4.2 10

  • Sun Sdk 1.4.2 11

  • Sun Sdk 1.4.2 12

  • Sun Sdk 1.4.2 13

  • Sun Sdk 1.4.2 14

  • Sun Sdk 1.4.2 15

  • Sun Sdk 1.4.2 16

  • Sun Sdk 1.4.2 17


References

CERT - TA08-193A

SUNALERT - 238666

XF - sun-jre-font-bo(43656)

VUPEN - ADV-2008-2740

VUPEN - ADV-2008-2056

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0016.html

SECTRACK - 1020461

BID - 30147

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

REDHAT - RHSA-2008:1044

REDHAT - RHSA-2008:1043

REDHAT - RHSA-2008:0790

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm

CONFIRM - http://support.apple.com/kb/HT3179

CONFIRM - http://support.apple.com/kb/HT3178

GENTOO - GLSA-200911-02

SECUNIA - 37386

SECUNIA - 33237

SECUNIA - 33236

SECUNIA - 32180

SECUNIA - 32179

SECUNIA - 32018

SECUNIA - 31600

SECUNIA - 31497

SECUNIA - 31320

SECUNIA - 31010

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and

SUSE - SUSE-SA:2008:045

SUSE - SUSE-SA:2008:043

SUSE - SUSE-SA:2008:042

APPLE - APPLE-SA-2008-09-24

SECUNIA - 31736

Related Patches

Apple 2008-09-24 Java for Mac OS X 10.4 Release 7

Novell SUSE 2008:5431 java-1_4_2-sun security update for SLE 10 i586


Last Updated: 27 May 2016 10:47:14