Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2008-3106 | First vendor Publication | 2008-07-09 |
| Vendor | Cve | Last vendor Modification | 2018-10-11 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3106 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10866 | |||
| Oval ID: | oval:org.mitre.oval:def:10866 | ||
| Title: | Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105. | ||
| Description: | Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-3106 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux Extras 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-05-28 | Name : Java for Mac OS X 10.5 Update 2 File : nvt/macosx_java_for_10_5_upd_2.nasl |
| 2009-11-23 | Name : Gentoo Security Advisory GLSA 200911-02 (sun-jre-bin sun-jdk emul-linux-x86-j... File : nvt/glsa_200911_02.nasl |
| 2009-10-13 | Name : SLES10: Security update for IBM Java 1.5 File : nvt/sles10_java-1_5_0-ibm3.nasl |
| 2009-10-10 | Name : SLES9: Security update for IBM Java5 JRE and IBMJava5 SDK File : nvt/sles9p5034680.nasl |
| 2009-10-10 | Name : SLES9: Security update for IBM Java 5 File : nvt/sles9p5035420.nasl |
| 2009-01-23 | Name : SuSE Update for Sun Java security update SUSE-SA:2008:042 File : nvt/gb_suse_2008_042.nasl |
| 2009-01-23 | Name : SuSE Update for java-1_5_0-ibm,IBMJava5 SUSE-SA:2008:045 File : nvt/gb_suse_2008_045.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 46965 | Sun Java JDK / JRE XML Data Handling Unspecified Arbitrary URL Access |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2012-08-16 | IAVM : 2012-A-0136 - Multiple Vulnerabilities in Juniper Network Management Products Severity : Category I - VMSKEY : V0033662 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-09-13 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_psn_2012_08_689.nasl - Type : ACT_GATHER_INFO |
| 2013-02-22 | Name : The remote Unix host has an application that is affected by multiple vulnerab... File : sun_java_jre_5_16_unix.nasl - Type : ACT_GATHER_INFO |
| 2013-02-22 | Name : The remote Unix host has an application that is affected by multiple vulnerab... File : sun_java_jre_6_7_unix.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0594.nasl - Type : ACT_GATHER_INFO |
| 2009-11-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200911-02.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0790.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0906.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-1044.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-1045.nasl - Type : ACT_GATHER_INFO |
| 2009-07-27 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2008-0016.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_6_0-sun-080715.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_5_0-sun-080715.nasl - Type : ACT_GATHER_INFO |
| 2008-09-25 | Name : The remote host is affected by multiple vulnerabilities. File : macosx_java_10_5_update2.nasl - Type : ACT_GATHER_INFO |
| 2008-09-25 | Name : The remote host is affected by multiple vulnerabilities. File : macosx_java_rel7.nasl - Type : ACT_GATHER_INFO |
| 2008-09-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-5591.nasl - Type : ACT_GATHER_INFO |
| 2008-09-10 | Name : The remote Windows host has an application that is affected by multiple issues. File : vmware_multiple_vmsa_2008_0014.nasl - Type : ACT_GATHER_INFO |
| 2008-09-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-5557.nasl - Type : ACT_GATHER_INFO |
| 2008-08-24 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_5_0-sun-5434.nasl - Type : ACT_GATHER_INFO |
| 2008-08-24 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_6_0-sun-5435.nasl - Type : ACT_GATHER_INFO |
| 2008-07-15 | Name : The remote Windows host has an application that is affected by multiple vulne... File : sun_java_jre_6_7.nasl - Type : ACT_GATHER_INFO |
| 2008-07-15 | Name : The remote Windows host has an application that is affected by multiple vulne... File : sun_java_jre_5_16.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-02 01:09:01 |
|
| 2024-02-01 12:02:42 |
|
| 2023-09-05 12:08:23 |
|
| 2023-09-05 01:02:33 |
|
| 2023-09-02 12:08:30 |
|
| 2023-09-02 01:02:34 |
|
| 2023-08-12 12:09:59 |
|
| 2023-08-12 01:02:34 |
|
| 2023-08-11 12:08:34 |
|
| 2023-08-11 01:02:39 |
|
| 2023-08-06 12:08:11 |
|
| 2023-08-06 01:02:35 |
|
| 2023-08-04 12:08:17 |
|
| 2023-08-04 01:02:38 |
|
| 2023-07-14 12:08:16 |
|
| 2023-07-14 01:02:35 |
|
| 2023-03-29 01:09:23 |
|
| 2023-03-28 12:02:41 |
|
| 2022-10-11 12:07:20 |
|
| 2022-10-11 01:02:25 |
|
| 2021-05-05 01:04:53 |
|
| 2021-05-04 12:07:45 |
|
| 2021-04-22 01:08:08 |
|
| 2020-05-23 01:39:41 |
|
| 2020-05-23 00:21:57 |
|
| 2019-07-31 12:02:28 |
|
| 2018-11-30 12:02:28 |
|
| 2018-10-12 00:20:24 |
|
| 2018-10-10 12:02:24 |
|
| 2017-09-29 09:23:37 |
|
| 2017-08-08 09:24:13 |
|
| 2016-06-28 17:16:09 |
|
| 2016-04-26 17:37:22 |
|
| 2014-02-17 10:45:38 |
|
| 2013-11-11 12:37:59 |
|
| 2013-05-11 00:21:02 |
|
| 2012-11-07 00:17:20 |
|
