CVE-2008-3108 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	10 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 92%

Vendor	Product	Version
sun	jre	1.3.1
sun	jre	1.3.1_2:_2
sun	jre	1.3.1_03:_03
sun	jre	1.3.1_04:_04
sun	jre	1.3.1_05:_05
sun	jre	1.3.1_06:_06
sun	jre	1.3.1_07:_07
sun	jre	1.3.1_08:_08
sun	jre	1.3.1_09:_09
sun	jre	1.3.1_10:_10
sun	jre	1.3.1_11:_11
sun	jre	1.3.1_12:_12
sun	jre	1.3.1_13:_13
sun	jre	1.3.1_14:_14
sun	jre	1.3.1_15:_15
sun	jre	1.3.1_16:_16
sun	jre	1.3.1_17:_17
sun	jre	1.3.1_18:_18
sun	jre	1.3.1_19:_19
sun	jre	1.3.1_20:_20
sun	jre	1.3.1_21:_21
sun	jre	1.3.1_22:_22
sun	jre	1.3.1_23:_23
sun	jre	1.4.2
sun	jre	1.4.2_1:_1
sun	jre	1.4.2_2:_2
sun	jre	1.4.2_3:_3
sun	jre	1.4.2_4:_4
sun	jre	1.4.2_5:_5
sun	jre	1.4.2_6:_6
sun	jre	1.4.2_7:_7
sun	jre	1.4.2_8:_8
sun	jre	1.4.2_9:_9
sun	jre	1.4.2_10:_10
sun	jre	1.4.2_11:_11
sun	jre	1.4.2_12:_12
sun	jre	1.4.2_13:_13
sun	jre	1.4.2_14:_14
sun	jre	1.4.2_15:_15
sun	jre	1.4.2_16:_16
sun	jre	1.4.2_17:_17
sun	jre	1.4.2_18:_18
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	sdk	1.3.1
sun	sdk	1.3.1_01:_01
sun	sdk	1.3.1_01a:_01a
sun	sdk	1.3.1_02:_02
sun	sdk	1.3.1_03:_03
sun	sdk	1.3.1_04:_04
sun	sdk	1.3.1_05:_05
sun	sdk	1.3.1_06:_06
sun	sdk	1.3.1_07:_07
sun	sdk	1.3.1_08:_08
sun	sdk	1.3.1_09:_09
sun	sdk	1.3.1_10:_10
sun	sdk	1.3.1_11:_11
sun	sdk	1.3.1_12:_12
sun	sdk	1.3.1_13:_13
sun	sdk	1.3.1_14:_14
sun	sdk	1.3.1_15:_15
sun	sdk	1.3.1_16:_16
sun	sdk	1.3.1_17:_17
sun	sdk	1.3.1_18:_18
sun	sdk	1.3.1_19:_19
sun	sdk	1.3.1_20:_20
sun	sdk	1.3.1_21:_21
sun	sdk	1.3.1_22:_22
sun	sdk	1.3.1_23:_23
sun	sdk	1.4.2
sun	sdk	1.4.2_1:_1
sun	sdk	1.4.2_2:_2
sun	sdk	1.4.2_02:_02
sun	sdk	1.4.2_03:_03
sun	sdk	1.4.2_3:_3
sun	sdk	1.4.2_04:_04
sun	sdk	1.4.2_4:_4
sun	sdk	1.4.2_5:_5
sun	sdk	1.4.2_6:_6
sun	sdk	1.4.2_7:_7
sun	sdk	1.4.2_8:_8
sun	sdk	1.4.2_08:_08
sun	sdk	1.4.2_09:_09
sun	sdk	1.4.2_9:_9
sun	sdk	1.4.2_10:_10
sun	sdk	1.4.2_11:_11
sun	sdk	1.4.2_12:_12
sun	sdk	1.4.2_13:_13
sun	sdk	1.4.2_14:_14
sun	sdk	1.4.2_15:_15
sun	sdk	1.4.2_16:_16
sun	sdk	1.4.2_17:_17
sun	sdk	1.4.2_18:_18

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

sun-java5

karmic	dne
jaunty	not-affected
intrepid	not-affected
hardy	Fixed 1.5.0-22-0ubuntu0.8.04 released
gutsy	ignored
feisty	ignored
dapper	ignored

sun-java6

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	not-affected
gutsy	not-affected
feisty	not-affected
dapper	dne

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html

http://marc.info/?l=bugtraq&m=122331139823057&w=2

http://secunia.com/advisories/31010

http://secunia.com/advisories/31320

http://secunia.com/advisories/31497

http://secunia.com/advisories/31600

http://secunia.com/advisories/31736

http://secunia.com/advisories/32018

http://secunia.com/advisories/32179

http://secunia.com/advisories/32180

http://secunia.com/advisories/33236

http://secunia.com/advisories/33237

http://secunia.com/advisories/37386

http://security.gentoo.org/glsa/glsa-200911-02.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1

http://support.apple.com/kb/HT3178

http://support.apple.com/kb/HT3179

http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm

http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717

http://www.redhat.com/support/errata/RHSA-2008-0790.html

http://www.redhat.com/support/errata/RHSA-2008-1043.html

http://www.redhat.com/support/errata/RHSA-2008-1044.html

http://www.securityfocus.com/archive/1/497041/100/0/threaded

http://www.securityfocus.com/bid/30147

http://www.securitytracker.com/id?1020461

http://www.us-cert.gov/cas/techalerts/TA08-193A.html

http://www.vmware.com/security/advisories/VMSA-2008-0016.html

http://www.vupen.com/english/advisories/2008/2056/references

http://www.vupen.com/english/advisories/2008/2740

https://exchange.xforce.ibmcloud.com/vulnerabilities/43656

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html

http://marc.info/?l=bugtraq&m=122331139823057&w=2

http://secunia.com/advisories/31010

http://secunia.com/advisories/31320

http://secunia.com/advisories/31497

http://secunia.com/advisories/31600

http://secunia.com/advisories/31736

http://secunia.com/advisories/32018

http://secunia.com/advisories/32179

http://secunia.com/advisories/32180

http://secunia.com/advisories/33236

http://secunia.com/advisories/33237

http://secunia.com/advisories/37386

http://security.gentoo.org/glsa/glsa-200911-02.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1

http://support.apple.com/kb/HT3178

http://support.apple.com/kb/HT3179

http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm

http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717

http://www.redhat.com/support/errata/RHSA-2008-0790.html

http://www.redhat.com/support/errata/RHSA-2008-1043.html

http://www.redhat.com/support/errata/RHSA-2008-1044.html

http://www.securityfocus.com/archive/1/497041/100/0/threaded

http://www.securityfocus.com/bid/30147

http://www.securitytracker.com/id?1020461

http://www.us-cert.gov/cas/techalerts/TA08-193A.html

http://www.vmware.com/security/advisories/VMSA-2008-0016.html

http://www.vupen.com/english/advisories/2008/2056/references

http://www.vupen.com/english/advisories/2008/2740

https://exchange.xforce.ibmcloud.com/vulnerabilities/43656