Home > Vulnerability Database > CVE-2008-3104

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2008-3104

Date: July 9, 2008

Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.

Severity Score

5.6

Related Resources (51)

Url: http://secunia.com/advisories/35065

Url: http://secunia.com/advisories/32436

Url: http://secunia.com/advisories/31269

Url: http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

Url: http://www.vmware.com/security/advisories/VMSA-2008-0016.html

Url: http://www.securityfocus.com/bid/30140

Url: http://support.apple.com/kb/HT3178

Url: http://support.apple.com/kb/HT3179

Url: http://www.redhat.com/support/errata/RHSA-2008-1043.html

Url: http://secunia.com/advisories/31055

Url: http://secunia.com/advisories/31010

Url: http://secunia.com/advisories/33194

Url: http://secunia.com/advisories/33238

Url: http://secunia.com/advisories/33237

Url: http://secunia.com/advisories/33236

Url: http://secunia.com/advisories/31497

Url: http://www.securityfocus.com/archive/1/497041/100/0/threaded

Url: http://secunia.com/advisories/32826

Url: http://secunia.com/advisories/31736

Url: http://marc.info/?l=bugtraq&m=122331139823057&w=2

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1

Url: http://www.redhat.com/support/errata/RHSA-2008-1045.html

Url: http://secunia.com/advisories/31320

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/43662

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm

Url: http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html

Url: http://secunia.com/advisories/37386

Url: http://secunia.com/advisories/31600

Url: http://secunia.com/advisories/32018

Url: http://www.redhat.com/support/errata/RHSA-2008-1044.html

Url: http://secunia.com/advisories/32179

Url: http://www.redhat.com/support/errata/RHSA-2008-0594.html

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

Url: http://www.vupen.com/english/advisories/2008/2056/references

Url: http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html

Url: http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

Url: http://secunia.com/advisories/32180

Url: http://www.securitytracker.com/id?1020459

Url: http://www.vupen.com/english/advisories/2008/2740

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-3104

Url: http://www.redhat.com/support/errata/RHSA-2008-0790.html

Url: http://www.us-cert.gov/cas/techalerts/TA08-193A.html

Url: http://security.gentoo.org/glsa/glsa-200911-02.xml

Url: http://www.redhat.com/support/errata/RHSA-2008-0906.html

Url: http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

Url: http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html

Url: http://rhn.redhat.com/errata/RHSA-2008-0955.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9565

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm

Url: http://www.redhat.com/support/errata/RHSA-2008-0595.html

Url: https://www.mend.io/vulnerability-database/CVE-2008-3104

Severity Score

5.6

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us