7.5

CVE-2008-3109

Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJdk Updateupdate_6 Version <= 6
SunJdk Version6 Updateupdate_1
SunJdk Version6 Updateupdate_2
SunJdk Version6 Updateupdate_3
SunJdk Version6 Updateupdate_4
SunJdk Version6 Updateupdate_5
SunJre Updateupdate_6 Version <= 6
SunJre Version6 Updateupdate_1
SunJre Version6 Updateupdate_2
SunJre Version6 Updateupdate_3
SunJre Version6 Updateupdate_4
SunJre Version6 Updateupdate_5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.47% 0.875
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/32018
http://support.apple.com/kb/HT3179
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/31010
Vendor Advisory
http://secunia.com/advisories/31600
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/32436
http://secunia.com/advisories/33238
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm
http://www.redhat.com/support/errata/RHSA-2008-0594.html
http://www.redhat.com/support/errata/RHSA-2008-0906.html
http://www.redhat.com/support/errata/RHSA-2008-1045.html
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238687-1
Patch
http://www.securityfocus.com/bid/30144
http://www.securitytracker.com/id?1020456
https://exchange.xforce.ibmcloud.com/vulnerabilities/43660
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8540