[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-3115Date: (C)2008-07-09   (M)2023-12-22


Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1020460
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://www.securityfocus.com/archive/1/497041/100/0/threaded
SUNALERT-238966
BID-30142
SECUNIA-31010
SECUNIA-31600
SECUNIA-32018
SECUNIA-32179
SECUNIA-32180
SECUNIA-37386
ADV-2008-2056
ADV-2008-2740
APPLE-SA-2008-09-24
GLSA-200911-02
SUSE-SA:2008:042
TA08-193A
http://support.apple.com/kb/HT3178
http://support.apple.com/kb/HT3179
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
sun-securestatic-weak-security(43665)

CWE    1
CWE-16
OVAL    1
oval:org.secpod.oval:def:9226

© SecPod Technologies