CVE-2008-3107 Information

Description

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7 JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet as demonstrated by an application or applet that grants itself privileges to (a) read local files (b) write to local files or (c) execute local programs.

Reference

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 http://secunia.com/advisories/31010 http://secunia.com/advisories/31055 http://secunia.com/advisories/31497 http://secunia.com/advisories/31600 http://secunia.com/advisories/32018 http://secunia.com/advisories/32179 http://secunia.com/advisories/32180 http://secunia.com/advisories/37386 http://security.gentoo.org/glsa/glsa-200911-02.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1 http://support.apple.com/kb/HT3178 http://support.apple.com/kb/HT3179 http://www.redhat.com/support/errata/RHSA-2008-0594.html http://www.redhat.com/support/errata/RHSA-2008-0595.html http://www.securityfocus.com/archive/1/497041/100/0/threaded http://www.securityfocus.com/bid/30141 http://www.securitytracker.com/id?1020455 http://www.us-cert.gov/cas/techalerts/TA08-193A.html http://www.vmware.com/security/advisories/VMSA-2008-0016.html http://www.vupen.com/english/advisories/2008/2056/references http://www.vupen.com/english/advisories/2008/2740 https://exchange.xforce.ibmcloud.com/vulnerabilities/43659 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10219