Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3109

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3109
Last Modified 07 Mar 2011 10:10:13
Published 09 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3109

Summary

Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Vulnerable Systems

Application

  • Sun Jdk 6

  • Sun Jre 6


References

CERT - TA08-193A

SUNALERT - 238687

XF - sun-jre-scripting-unauth-access(43660)

VUPEN - ADV-2008-2740

VUPEN - ADV-2008-2056

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0016.html

SECTRACK - 1020456

BID - 30144

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

REDHAT - RHSA-2008:1045

REDHAT - RHSA-2008:0906

REDHAT - RHSA-2008:0594

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm

CONFIRM - http://support.apple.com/kb/HT3179

GENTOO - GLSA-200911-02

SECUNIA - 37386

SECUNIA - 33238

SECUNIA - 32436

SECUNIA - 32180

SECUNIA - 32179

SECUNIA - 32018

SECUNIA - 31600

SECUNIA - 31010

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and

SUSE - SUSE-SA:2008:042

APPLE - APPLE-SA-2008-09-24


Last Updated: 27 May 2016 10:48:04