CVE-2008-3107

Severity

99%

Complexity

99%

Confidentiality

165%

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 16 years ago

2008-07-09 23:41:00

Last updated 6 years ago

2018-10-30 16:26:00

Affected Software

Sun JRE 1.4.2

1.4.2

Sun JRE 1.4.2_3

1.4.2_3

Sun JRE 1.4.2_8

1.4.2_8

Sun JRE 1.4.2_9

1.4.2_9

Sun JRE 1.4.2_10

1.4.2_10

Sun JRE 1.4.2_11

1.4.2_11

Sun JRE 1.4.2_12

1.4.2_12

Sun JRE 1.4.2_13

1.4.2_13

Sun JRE 1.4.2_14

1.4.2_14

Sun JRE 1.4.2_15

1.4.2_15

Sun JRE 1.4.2_16

1.4.2_16

Sun JRE

SDK 1.4.2_02

1.4.2_02

SDK 1.4.2_03

1.4.2_03

SDK 1.4.2_04

1.4.2_04

Sun SDK 1.4.2_08

1.4.2_08

Sun SDK 1.4.2_09

1.4.2_09

Sun SDK 1.4.2_10

1.4.2_10

Sun SDK 1.4.2_11

1.4.2_11

Sun SDK 1.4.2_12

1.4.2_12

Sun SDK 1.4.2_13

1.4.2_13

Sun SDK 1.4.2_14

1.4.2_14

Sun SDK 1.4.2_15

1.4.2_15

Sun SDK 1.4.2_16

1.4.2_16

Sun SDK

References

APPLE-SA-2008-09-24

SUSE-SA:2008:042

20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and

31010

Vendor Advisory

31055

31497

31600

32018

32179

32180

37386

GLSA-200911-02

238967

http://support.apple.com/kb/HT3178

http://support.apple.com/kb/HT3179

RHSA-2008:0594

RHSA-2008:0595

20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

30141

1020455

TA08-193A

US Government Resource

http://www.vmware.com/security/advisories/VMSA-2008-0016.html

ADV-2008-2056

ADV-2008-2740

sun-virtualmachine-unauth-access(43659)

oval:org.mitre.oval:def:10219

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.