// For flags

CVE-2008-3106

 

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.

Vulnerabilidad no especificada en Sun Java Runtime Environment (JRE), JDK y JRE 6 Update 6 y anteriores y JDK and JRE 5.0 Update 15 y anteriores permite a atacantes remotos acceder a URLs mediante vectores desconocidos que involucran el procesado de datos XML mediante (1) una aplicaciĆ³n o (2) un applet que no son de confianza, una vulnerabilidad distinta a CVE-2008-3105.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-07-09 CVE Reserved
  • 2008-07-09 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-11-03 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (42)
URL Tag Source
http://marc.info/?l=bugtraq&m=122331139823057&w=2 Mailing List
http://secunia.com/advisories/31320 Third Party Advisory
http://secunia.com/advisories/31497 Third Party Advisory
http://secunia.com/advisories/31600 Third Party Advisory
http://secunia.com/advisories/31736 Third Party Advisory
http://secunia.com/advisories/32018 Third Party Advisory
http://secunia.com/advisories/32179 Third Party Advisory
http://secunia.com/advisories/32180 Third Party Advisory
http://secunia.com/advisories/32436 Third Party Advisory
http://secunia.com/advisories/33237 Third Party Advisory
http://secunia.com/advisories/33238 Third Party Advisory
http://secunia.com/advisories/37386 Third Party Advisory
http://support.apple.com/kb/HT3179 X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm X_refsource_confirm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014 X_refsource_confirm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717 X_refsource_confirm
http://www.securityfocus.com/archive/1/497041/100/0/threaded Mailing List
http://www.securityfocus.com/bid/30143 Vdb Entry
http://www.securitytracker.com/id?1020457 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA08-193A.html Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0016.html X_refsource_confirm
http://www.vupen.com/english/advisories/2008/2056/references Vdb Entry
http://www.vupen.com/english/advisories/2008/2740 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43658 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866 Signature
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html 2018-10-11
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html 2018-10-11
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html 2018-10-11
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html 2018-10-11
http://secunia.com/advisories/31010 2018-10-11
http://security.gentoo.org/glsa/glsa-200911-02.xml 2018-10-11
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-0594.html 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-0790.html 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-0906.html 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-1044.html 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-1045.html 2018-10-11
https://access.redhat.com/security/cve/CVE-2008-3106 2008-10-24
https://bugzilla.redhat.com/show_bug.cgi?id=1618330 2008-10-24
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 <= 5.0
Search vendor "Sun" for product "Jdk" and version " <= 5.0"
update_15
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 <= 6
Search vendor "Sun" for product "Jdk" and version " <= 6"
update_6
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_1
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_10
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_11
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_12
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_13
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_14
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_2
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_3
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_4
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_5
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_6
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_7
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_8
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_9
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_1
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_2
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_3
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_4
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_5
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 <= 5.0
Search vendor "Sun" for product "Jre" and version " <= 5.0"
update_15
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 <= 6
Search vendor "Sun" for product "Jre" and version " <= 6"
update_6
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_1
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_10
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_11
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_12
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_13
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_14
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_2
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_3
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_4
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_5
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_6
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_7
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_8
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_9
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_1
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_2
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_3
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_4
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_5
Affected