CVE-2008-3115

EUVD-2008-3105
Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
sunjdk
𝑥
≤ 6
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjre
𝑥
≤ 6
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sun-java5
dapper
ignored
feisty
ignored
gutsy
ignored
hardy
Fixed 1.5.0-22-0ubuntu0.8.04
released
intrepid
not-affected
jaunty
not-affected
karmic
dne
sun-java6
dapper
dne
feisty
ignored
gutsy
ignored
hardy
Fixed 6-17-0ubuntu1.8.04
released
intrepid
not-affected
jaunty
not-affected
karmic
not-affected
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/31010
http://secunia.com/advisories/31600
http://secunia.com/advisories/32018
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238966-1
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.securityfocus.com/bid/30142
http://www.securitytracker.com/id?1020460
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabilities/43665
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/31010
http://secunia.com/advisories/31600
http://secunia.com/advisories/32018
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238966-1
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.securityfocus.com/bid/30142
http://www.securitytracker.com/id?1020460
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabilities/43665