Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3115

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3115
Last Modified 07 Mar 2011 10:10:14
Published 09 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3115

Summary

Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.

Vulnerable Systems

Application

  • Sun Jdk 5.0

  • Sun Jdk 6

  • Sun Jre 5.0

  • Sun Jre 6


References

CERT - TA08-193A

SUNALERT - 238966

XF - sun-securestatic-weak-security(43665)

VUPEN - ADV-2008-2740

VUPEN - ADV-2008-2056

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0016.html

SECTRACK - 1020460

BID - 30142

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

CONFIRM - http://support.apple.com/kb/HT3179

CONFIRM - http://support.apple.com/kb/HT3178

GENTOO - GLSA-200911-02

SECUNIA - 37386

SECUNIA - 32180

SECUNIA - 32179

SECUNIA - 32018

SECUNIA - 31600

SECUNIA - 31010

BUGTRAQ - 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and

SUSE - SUSE-SA:2008:042

APPLE - APPLE-SA-2008-09-24

Related Patches

Apple 2008-09-24 Java for Mac OS X 10.4 Release 7


Last Updated: 27 May 2016 10:48:05