// For flags

CVE-2008-3112

Sun Java Web Start Sandbox Bypass Vulnerability

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.

Vulnerabilidad no especificada en Sun Java Web Start de JDK y JRE 6 versiones anteriores a Update 7, JDK y JRE 5.0 versiones anteriores a Update 16, y SDK y JRE 1.4.x versiones anteriores a 1.4.2_18 permite a atacantes remotos crear ficheros de su elección a través de una aplicación no confiable, también conocido como CR 6703909.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
The specific flaw exists in the writeManifest() method of the CacheEntry class. A directory traversal flaw in this method allows the creation of arbitrary files on the target system. After the file has been created, a call to Runtime.getRuntime.exec() can be used to execute the file.

*Credits: Peter Csepely
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-07-09 CVE Reserved
  • 2008-07-09 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (43)
URL Tag Source
http://marc.info/?l=bugtraq&m=122331139823057&w=2 Mailing List
http://secunia.com/advisories/31055 Third Party Advisory
http://secunia.com/advisories/31320 Third Party Advisory
http://secunia.com/advisories/31497 Third Party Advisory
http://secunia.com/advisories/31600 Third Party Advisory
http://secunia.com/advisories/31736 Third Party Advisory
http://secunia.com/advisories/32018 Third Party Advisory
http://secunia.com/advisories/32179 Third Party Advisory
http://secunia.com/advisories/32180 Third Party Advisory
http://secunia.com/advisories/32436 Third Party Advisory
http://secunia.com/advisories/32826 Third Party Advisory
http://secunia.com/advisories/33194 Third Party Advisory
http://secunia.com/advisories/35065 Third Party Advisory
http://secunia.com/advisories/37386 Third Party Advisory
http://support.apple.com/kb/HT3178 X_refsource_confirm
http://support.apple.com/kb/HT3179 X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm X_refsource_confirm
http://www.securityfocus.com/archive/1/497041/100/0/threaded Mailing List
http://www.securityfocus.com/bid/30148 Vdb Entry
http://www.securitytracker.com/id?1020452 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA08-193A.html Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0016.html X_refsource_confirm
http://www.vupen.com/english/advisories/2008/2056/references Vdb Entry
http://www.vupen.com/english/advisories/2008/2740 Vdb Entry
http://www.zerodayinitiative.com/advisories/ZDI-08-042 X_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/43666 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11102 Signature
URL Date SRC
URL Date SRC
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1 2018-10-30
URL Date SRC
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html 2018-10-30
http://rhn.redhat.com/errata/RHSA-2008-0955.html 2018-10-30
http://secunia.com/advisories/31010 2018-10-30
http://security.gentoo.org/glsa/glsa-200911-02.xml 2018-10-30
http://www.redhat.com/support/errata/RHSA-2008-0594.html 2018-10-30
http://www.redhat.com/support/errata/RHSA-2008-0595.html 2018-10-30
http://www.redhat.com/support/errata/RHSA-2008-0790.html 2018-10-30
http://www.redhat.com/support/errata/RHSA-2008-0906.html 2018-10-30
https://access.redhat.com/security/cve/CVE-2008-3112 2008-11-25
https://bugzilla.redhat.com/show_bug.cgi?id=454606 2008-11-25
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 <= 5.0
Search vendor "Sun" for product "Jdk" and version " <= 5.0"
update_15
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 <= 6
Search vendor "Sun" for product "Jdk" and version " <= 6"
update_6
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_10
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_11
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_12
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_13
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_14
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_2
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_3
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_4
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_5
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_6
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_7
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_8
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 5.0
Search vendor "Sun" for product "Jdk" and version "5.0"
update_9
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_1
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_2
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_3
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_4
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 6
Search vendor "Sun" for product "Jdk" and version "6"
update_5
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 <= 1.4.2_17
Search vendor "Sun" for product "Jre" and version " <= 1.4.2_17"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 <= 5.0
Search vendor "Sun" for product "Jre" and version " <= 5.0"
update_15
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 <= 6
Search vendor "Sun" for product "Jre" and version " <= 6"
update_6
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2
Search vendor "Sun" for product "Jre" and version "1.4.2"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_01
Search vendor "Sun" for product "Jre" and version "1.4.2_01"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_02
Search vendor "Sun" for product "Jre" and version "1.4.2_02"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_03
Search vendor "Sun" for product "Jre" and version "1.4.2_03"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_04
Search vendor "Sun" for product "Jre" and version "1.4.2_04"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_05
Search vendor "Sun" for product "Jre" and version "1.4.2_05"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_06
Search vendor "Sun" for product "Jre" and version "1.4.2_06"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_07
Search vendor "Sun" for product "Jre" and version "1.4.2_07"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_8
Search vendor "Sun" for product "Jre" and version "1.4.2_8"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_9
Search vendor "Sun" for product "Jre" and version "1.4.2_9"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_10
Search vendor "Sun" for product "Jre" and version "1.4.2_10"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_11
Search vendor "Sun" for product "Jre" and version "1.4.2_11"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_12
Search vendor "Sun" for product "Jre" and version "1.4.2_12"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_13
Search vendor "Sun" for product "Jre" and version "1.4.2_13"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_14
Search vendor "Sun" for product "Jre" and version "1.4.2_14"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_15
Search vendor "Sun" for product "Jre" and version "1.4.2_15"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_16
Search vendor "Sun" for product "Jre" and version "1.4.2_16"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_1
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_10
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_11
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_12
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_13
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_14
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_2
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_3
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_4
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_5
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_6
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_7
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_8
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 5.0
Search vendor "Sun" for product "Jre" and version "5.0"
update_9
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_1
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_2
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_3
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_4
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 6
Search vendor "Sun" for product "Jre" and version "6"
update_5
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2
Search vendor "Sun" for product "Sdk" and version "1.4.2"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_01
Search vendor "Sun" for product "Sdk" and version "1.4.2_01"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_02
Search vendor "Sun" for product "Sdk" and version "1.4.2_02"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_03
Search vendor "Sun" for product "Sdk" and version "1.4.2_03"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_04
Search vendor "Sun" for product "Sdk" and version "1.4.2_04"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_05
Search vendor "Sun" for product "Sdk" and version "1.4.2_05"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_06
Search vendor "Sun" for product "Sdk" and version "1.4.2_06"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_07
Search vendor "Sun" for product "Sdk" and version "1.4.2_07"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_08
Search vendor "Sun" for product "Sdk" and version "1.4.2_08"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_09
Search vendor "Sun" for product "Sdk" and version "1.4.2_09"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_10
Search vendor "Sun" for product "Sdk" and version "1.4.2_10"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_11
Search vendor "Sun" for product "Sdk" and version "1.4.2_11"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_12
Search vendor "Sun" for product "Sdk" and version "1.4.2_12"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_13
Search vendor "Sun" for product "Sdk" and version "1.4.2_13"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_14
Search vendor "Sun" for product "Sdk" and version "1.4.2_14"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_15
Search vendor "Sun" for product "Sdk" and version "1.4.2_15"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_16
Search vendor "Sun" for product "Sdk" and version "1.4.2_16"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_17
Search vendor "Sun" for product "Sdk" and version "1.4.2_17"
-
Affected