CVE-2008-3109
Last modified
CVE-2008-3109 is a vulnerability of currently unknown severity. Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.. EPSS estimates a 3.47% chance of exploitation in the next 30 days.
Description
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Sun | Jdk | <= 6 | Update 6 |
| Sun | Jdk | 6 | Update 1 |
| Sun | Jre | <= 6 | Update 6 |
| Sun | Jre | 6 | Update 1 |
References
- http://secunia.com/advisories/31010Vendor Advisory
- http://www.us-cert.gov/cas/techalerts/TA08-193A.htmlUS Government Resource
- http://secunia.com/advisories/31010Vendor Advisory
- http://www.us-cert.gov/cas/techalerts/TA08-193A.htmlUS Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-3109?
How severe is CVE-2008-3109?
How do I fix CVE-2008-3109?
Are you affected by CVE-2008-3109?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST