10

CVE-2008-3107

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJdk Updateupdate_15 Version <= 5.0
SunJdk Updateupdate_6 Version <= 6
SunJdk Version5.0 Updateupdate_1
SunJdk Version5.0 Updateupdate_10
SunJdk Version5.0 Updateupdate_11
SunJdk Version5.0 Updateupdate_12
SunJdk Version5.0 Updateupdate_13
SunJdk Version5.0 Updateupdate_14
SunJdk Version5.0 Updateupdate_2
SunJdk Version5.0 Updateupdate_3
SunJdk Version5.0 Updateupdate_4
SunJdk Version5.0 Updateupdate_5
SunJdk Version5.0 Updateupdate_6
SunJdk Version5.0 Updateupdate_7
SunJdk Version5.0 Updateupdate_8
SunJdk Version5.0 Updateupdate_9
SunJdk Version6 Updateupdate_1
SunJdk Version6 Updateupdate_2
SunJdk Version6 Updateupdate_3
SunJdk Version6 Updateupdate_4
SunJdk Version6 Updateupdate_5
SunJre Version <= 1.4.2_17
SunJre Updateupdate_15 Version <= 5.0
SunJre Updateupdate_6 Version <= 6
SunJre Version1.4.2
SunJre Version1.4.2_01
SunJre Version1.4.2_02
SunJre Version1.4.2_03
SunJre Version1.4.2_3
SunJre Version1.4.2_04
SunJre Version1.4.2_05
SunJre Version1.4.2_06
SunJre Version1.4.2_07
SunJre Version1.4.2_8
SunJre Version1.4.2_9
SunJre Version1.4.2_10
SunJre Version1.4.2_11
SunJre Version1.4.2_12
SunJre Version1.4.2_13
SunJre Version1.4.2_14
SunJre Version1.4.2_15
SunJre Version1.4.2_16
SunJre Version5.0 Updateupdate_1
SunJre Version5.0 Updateupdate_10
SunJre Version5.0 Updateupdate_11
SunJre Version5.0 Updateupdate_12
SunJre Version5.0 Updateupdate_13
SunJre Version5.0 Updateupdate_14
SunJre Version5.0 Updateupdate_2
SunJre Version5.0 Updateupdate_3
SunJre Version5.0 Updateupdate_4
SunJre Version5.0 Updateupdate_5
SunJre Version5.0 Updateupdate_6
SunJre Version5.0 Updateupdate_7
SunJre Version5.0 Updateupdate_8
SunJre Version5.0 Updateupdate_9
SunJre Version6 Updateupdate_1
SunJre Version6 Updateupdate_2
SunJre Version6 Updateupdate_3
SunJre Version6 Updateupdate_4
SunJre Version6 Updateupdate_5
SunSdk Version <= 1.4.2_17
SunSdk Version1.4.2_02
SunSdk Version1.4.2_03
SunSdk Version1.4.2_04
SunSdk Version1.4.2_05
SunSdk Version1.4.2_06
SunSdk Version1.4.2_07
SunSdk Version1.4.2_08
SunSdk Version1.4.2_09
SunSdk Version1.4.2_10
SunSdk Version1.4.2_11
SunSdk Version1.4.2_12
SunSdk Version1.4.2_13
SunSdk Version1.4.2_14
SunSdk Version1.4.2_15
SunSdk Version1.4.2_16
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.64% 0.881
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/31497
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://secunia.com/advisories/32018
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/31010
Vendor Advisory
http://secunia.com/advisories/31055
http://secunia.com/advisories/31600
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://www.redhat.com/support/errata/RHSA-2008-0594.html
http://www.redhat.com/support/errata/RHSA-2008-0595.html
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1
http://www.securityfocus.com/bid/30141
http://www.securitytracker.com/id?1020455
https://exchange.xforce.ibmcloud.com/vulnerabilities/43659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10219