Home > Vulnerability Database > CVE-2008-3106

Mend.io Vulnerability Database

CVE-2008-3106

Date: July 9, 2008

Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.

Severity Score

3.7

Related Resources (42)

Url: http://secunia.com/advisories/31320

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm

Url: http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html

Url: http://secunia.com/advisories/37386

Url: http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html

Url: http://secunia.com/advisories/32436

Url: http://secunia.com/advisories/31600

Url: http://secunia.com/advisories/32018

Url: http://www.vmware.com/security/advisories/VMSA-2008-0016.html

Url: http://www.redhat.com/support/errata/RHSA-2008-1044.html

Url: http://secunia.com/advisories/32179

Url: http://www.redhat.com/support/errata/RHSA-2008-0594.html

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

Url: http://www.vupen.com/english/advisories/2008/2056/references

Url: http://support.apple.com/kb/HT3179

Url: http://www.securityfocus.com/bid/30143

Url: http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717

Url: http://secunia.com/advisories/32180

Url: http://www.vupen.com/english/advisories/2008/2740

Url: http://www.securitytracker.com/id?1020457

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-3106

Url: http://www.redhat.com/support/errata/RHSA-2008-0790.html

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm

Url: http://secunia.com/advisories/31010

Url: http://www.us-cert.gov/cas/techalerts/TA08-193A.html

Url: http://security.gentoo.org/glsa/glsa-200911-02.xml

Url: http://www.redhat.com/support/errata/RHSA-2008-0906.html

Url: http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html

Url: http://secunia.com/advisories/33238

Url: http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html

Url: http://secunia.com/advisories/33237

Url: http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1

Url: http://secunia.com/advisories/31497

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/43658

Url: http://www.securityfocus.com/archive/1/497041/100/0/threaded

Url: http://secunia.com/advisories/31736

Url: http://marc.info/?l=bugtraq&m=122331139823057&w=2

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm

Url: http://www.redhat.com/support/errata/RHSA-2008-1045.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866

Url: https://www.mend.io/vulnerability-database/CVE-2008-3106

Severity Score

3.7

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2008-3106

Date: July 9, 2008

Severity Score

Related Resources (42)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?