CVE-2008-3109 Information

Description

Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet as demonstrated by an application or applet that grants itself privileges to (a) read local files (b) write to local files or (c) execute local programs.

Reference

http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 http://secunia.com/advisories/31010 http://secunia.com/advisories/31600 http://secunia.com/advisories/32018 http://secunia.com/advisories/32179 http://secunia.com/advisories/32180 http://secunia.com/advisories/32436 http://secunia.com/advisories/33238 http://secunia.com/advisories/37386 http://security.gentoo.org/glsa/glsa-200911-02.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-238687-1 http://support.apple.com/kb/HT3179 http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm http://www.redhat.com/support/errata/RHSA-2008-0594.html http://www.redhat.com/support/errata/RHSA-2008-0906.html http://www.redhat.com/support/errata/RHSA-2008-1045.html http://www.securityfocus.com/archive/1/497041/100/0/threaded http://www.securityfocus.com/bid/30144 http://www.securitytracker.com/id?1020456 http://www.us-cert.gov/cas/techalerts/TA08-193A.html http://www.vmware.com/security/advisories/VMSA-2008-0016.html http://www.vupen.com/english/advisories/2008/2056/references http://www.vupen.com/english/advisories/2008/2740 https://exchange.xforce.ibmcloud.com/vulnerabilities/43660 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A8540