CVE-2008-3114

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
VendorProductVersion
sunjdk
𝑥
≤ 5.0
sunjdk
𝑥
≤ 6
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjre
𝑥
≤ 1.4.2_17
sunjre
𝑥
≤ 5.0
sunjre
𝑥
≤ 6
sunjre
1.4.2
sunjre
1.4.2_01:_01
sunjre
1.4.2_02:_02
sunjre
1.4.2_03:_03
sunjre
1.4.2_04:_04
sunjre
1.4.2_05:_05
sunjre
1.4.2_06:_06
sunjre
1.4.2_07:_07
sunjre
1.4.2_8:_8
sunjre
1.4.2_9:_9
sunjre
1.4.2_10:_10
sunjre
1.4.2_11:_11
sunjre
1.4.2_12:_12
sunjre
1.4.2_13:_13
sunjre
1.4.2_14:_14
sunjre
1.4.2_15:_15
sunjre
1.4.2_16:_16
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunsdk
𝑥
≤ 1.4.2_17
sunsdk
1.4.2
sunsdk
1.4.2_01:_01
sunsdk
1.4.2_02:_02
sunsdk
1.4.2_03:_03
sunsdk
1.4.2_04:_04
sunsdk
1.4.2_05:_05
sunsdk
1.4.2_06:_06
sunsdk
1.4.2_07:_07
sunsdk
1.4.2_08:_08
sunsdk
1.4.2_09:_09
sunsdk
1.4.2_10:_10
sunsdk
1.4.2_11:_11
sunsdk
1.4.2_12:_12
sunsdk
1.4.2_13:_13
sunsdk
1.4.2_14:_14
sunsdk
1.4.2_15:_15
sunsdk
1.4.2_16:_16
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sun-java5
karmic
dne
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 1.5.0-22-0ubuntu0.8.04
released
gutsy
ignored
feisty
ignored
dapper
ignored
sun-java6
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 6-17-0ubuntu1.8.04
released
gutsy
ignored
feisty
ignored
dapper
dne
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://rhn.redhat.com/errata/RHSA-2008-0955.html
http://secunia.com/advisories/31010
http://secunia.com/advisories/31055
http://secunia.com/advisories/31320
http://secunia.com/advisories/31497
http://secunia.com/advisories/31600
http://secunia.com/advisories/31736
http://secunia.com/advisories/32018
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/32436
http://secunia.com/advisories/32826
http://secunia.com/advisories/33194
http://secunia.com/advisories/35065
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm
http://www.redhat.com/support/errata/RHSA-2008-0594.html
http://www.redhat.com/support/errata/RHSA-2008-0595.html
http://www.redhat.com/support/errata/RHSA-2008-0790.html
http://www.redhat.com/support/errata/RHSA-2008-0906.html
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.securityfocus.com/bid/30148
http://www.securitytracker.com/id?1020452
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabilities/43668
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://rhn.redhat.com/errata/RHSA-2008-0955.html
http://secunia.com/advisories/31010
http://secunia.com/advisories/31055
http://secunia.com/advisories/31320
http://secunia.com/advisories/31497
http://secunia.com/advisories/31600
http://secunia.com/advisories/31736
http://secunia.com/advisories/32018
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/32436
http://secunia.com/advisories/32826
http://secunia.com/advisories/33194
http://secunia.com/advisories/35065
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm
http://www.redhat.com/support/errata/RHSA-2008-0594.html
http://www.redhat.com/support/errata/RHSA-2008-0595.html
http://www.redhat.com/support/errata/RHSA-2008-0790.html
http://www.redhat.com/support/errata/RHSA-2008-0906.html
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.securityfocus.com/bid/30148
http://www.securitytracker.com/id?1020452
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabilities/43668
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755