CVE-2008-3106JDK vulnerability

6 documents5 sources
Severity
4.3MEDIUMNVD
CNA8.3
EPSS
15.8%
top 5.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN JDKSUN JRE
Timeline
PublishedJul 9
Latest updateMay 1

Description

Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDsun/jdk5.0+3
NVDsun/jre5.0+3

🔴Vulnerability Details

2
GHSA
GHSA-vjpx-8gm7-4pxc: Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 52022-05-01
CVEList
CVE-2008-3106: Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 52008-07-09

📋Vendor Advisories

1
Red Hat
security flaw2008-07-08

💬Community

2
Bugzilla
CVE-2008-3106 security flaw2018-08-16
Bugzilla
CVE-2008-3105 CVE-2008-3106 OpenJDK JAX-WS unauthorized URL access (6542088)2008-06-24
CVE-2008-3106 — SUN JDK vulnerability | cvebase