NA
CVSSv3

CVE-2008-3114

CVSSv4: NA | CVSSv3: NA | CVSSv2: 5 | VMScore: 600 | EPSS: 0.0163 | KEV: Not Included
Published: 09/07/2008 Updated: 21/11/2024

Vulnerability Summary

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x prior to 1.4.2_18 allows context-dependent malicious users to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.

Vulnerable Product Search on Vulmon Subscribe to Product

sun jdk

sun jdk 5.0

sun jdk 6

sun jre

sun jre 1.4.2

sun jre 1.4.2 01

sun jre 1.4.2 02

sun jre 1.4.2 03

sun jre 1.4.2 04

sun jre 1.4.2 05

sun jre 1.4.2 06

sun jre 1.4.2 07

sun jre 1.4.2 8

sun jre 1.4.2 9

sun jre 1.4.2 10

sun jre 1.4.2 11

sun jre 1.4.2 12

sun jre 1.4.2 13

sun jre 1.4.2 14

sun jre 1.4.2 15

sun jre 1.4.2 16

sun jre 5.0

sun jre 6

sun sdk

sun sdk 1.4.2

sun sdk 1.4.2 01

sun sdk 1.4.2 02

sun sdk 1.4.2 03

sun sdk 1.4.2 04

sun sdk 1.4.2 05

sun sdk 1.4.2 06

sun sdk 1.4.2 07

sun sdk 1.4.2 08

sun sdk 1.4.2 09

sun sdk 1.4.2 10

sun sdk 1.4.2 11

sun sdk 1.4.2 12

sun sdk 1.4.2 13

sun sdk 1.4.2 14

sun sdk 1.4.2 15

sun sdk 1.4.2 16

Vendor Advisories

Synopsis Critical: java-142-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-142-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4Extras, and Red Hat Enterprise Linux 5 SupplementaryThis updat ...
Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and Red Hat EnterpriseLinux 5 SupplementaryThis update has been rated as having critical ...

References

CWE-200NVD-CWE-noinfohttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2008:0955https://www.first.org/epsshttp://lists.apple.com/archives/security-announce//2008/Sep/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlhttp://marc.info/?l=bugtraq&m=122331139823057&w=2http://rhn.redhat.com/errata/RHSA-2008-0955.htmlhttp://secunia.com/advisories/31010http://secunia.com/advisories/31055http://secunia.com/advisories/31320http://secunia.com/advisories/31497http://secunia.com/advisories/31600http://secunia.com/advisories/31736http://secunia.com/advisories/32018http://secunia.com/advisories/32179http://secunia.com/advisories/32180http://secunia.com/advisories/32436http://secunia.com/advisories/32826http://secunia.com/advisories/33194http://secunia.com/advisories/35065http://secunia.com/advisories/37386http://security.gentoo.org/glsa/glsa-200911-02.xmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1http://support.apple.com/kb/HT3178http://support.apple.com/kb/HT3179http://support.avaya.com/elmodocs2/security/ASA-2008-428.htmhttp://www.redhat.com/support/errata/RHSA-2008-0594.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0595.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0790.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0906.htmlhttp://www.securityfocus.com/archive/1/497041/100/0/threadedhttp://www.securityfocus.com/bid/30148http://www.securitytracker.com/id?1020452http://www.us-cert.gov/cas/techalerts/TA08-193A.htmlhttp://www.vmware.com/security/advisories/VMSA-2008-0016.htmlhttp://www.vupen.com/english/advisories/2008/2056/referenceshttp://www.vupen.com/english/advisories/2008/2740https://exchange.xforce.ibmcloud.com/vulnerabilities/43668https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlhttp://marc.info/?l=bugtraq&m=122331139823057&w=2http://rhn.redhat.com/errata/RHSA-2008-0955.htmlhttp://secunia.com/advisories/31010http://secunia.com/advisories/31055http://secunia.com/advisories/31320http://secunia.com/advisories/31497http://secunia.com/advisories/31600http://secunia.com/advisories/31736http://secunia.com/advisories/32018http://secunia.com/advisories/32179http://secunia.com/advisories/32180http://secunia.com/advisories/32436http://secunia.com/advisories/32826http://secunia.com/advisories/33194http://secunia.com/advisories/35065http://secunia.com/advisories/37386http://security.gentoo.org/glsa/glsa-200911-02.xmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1http://support.apple.com/kb/HT3178http://support.apple.com/kb/HT3179http://support.avaya.com/elmodocs2/security/ASA-2008-428.htmhttp://www.redhat.com/support/errata/RHSA-2008-0594.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0595.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0790.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0906.htmlhttp://www.securityfocus.com/archive/1/497041/100/0/threadedhttp://www.securityfocus.com/bid/30148http://www.securitytracker.com/id?1020452http://www.us-cert.gov/cas/techalerts/TA08-193A.htmlhttp://www.vmware.com/security/advisories/VMSA-2008-0016.htmlhttp://www.vupen.com/english/advisories/2008/2056/referenceshttp://www.vupen.com/english/advisories/2008/2740https://exchange.xforce.ibmcloud.com/vulnerabilities/43668https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755