SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2008-3108

Date: (C)2008-07-09 (M)2023-12-22

Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SECTRACK-1020461

http://marc.info/?l=bugtraq&m=122331139823057&w=2

http://www.securityfocus.com/archive/1/497041/100/0/threaded

SUNALERT-238666

APPLE-SA-2008-09-24

SUSE-SA:2008:042

SUSE-SA:2008:043

SUSE-SA:2008:045

http://support.apple.com/kb/HT3178

http://support.apple.com/kb/HT3179

http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm

http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717

http://www.vmware.com/security/advisories/VMSA-2008-0016.html

sun-jre-font-bo(43656)

CPE 112

cpe:/a:sun:jdk:1.5.0:update10
cpe:/a:sun:jdk:1.5.0:update8
cpe:/a:sun:jdk:1.5.0:update9
cpe:/a:sun:jdk:1.5.0:update6
...

oval:org.secpod.oval:def:9219

© SecPod Technologies