CVE Vulnerabilities

CVE-2008-3109

Published: Jul 09, 2008 | Modified: Oct 11, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Affected Software

Name Vendor Start Version End Version
Jdk Sun * 6 (including)
Jdk Sun 6-update_1 (including) 6-update_1 (including)
Jdk Sun 6-update_2 (including) 6-update_2 (including)
Jdk Sun 6-update_3 (including) 6-update_3 (including)
Jdk Sun 6-update_4 (including) 6-update_4 (including)
Jdk Sun 6-update_5 (including) 6-update_5 (including)
Jre Sun * 6 (including)
Jre Sun 6-update_1 (including) 6-update_1 (including)
Jre Sun 6-update_2 (including) 6-update_2 (including)
Jre Sun 6-update_3 (including) 6-update_3 (including)
Jre Sun 6-update_4 (including) 6-update_4 (including)
Jre Sun 6-update_5 (including) 6-update_5 (including)
Extras for RHEL 4 RedHat java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4 *
Extras for RHEL 4 RedHat java-1.6.0-ibm-1:1.6.0.2-1jpp.2.el4 *
Supplementary for Red Hat Enterprise Linux 5 RedHat java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5 *
Supplementary for Red Hat Enterprise Linux 5 RedHat java-1.6.0-ibm-1:1.6.0.2-1jpp.2.el5 *
Sun-java6 Ubuntu feisty *
Sun-java6 Ubuntu gutsy *
Sun-java6 Ubuntu hardy *
Sun-java6 Ubuntu upstream *

References