CVE-2008-3110 — JDK vulnerability

CWE-2646 documents5 sources

Severity

4.3MEDIUMNVD

EPSS

6.2%

top 9.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN JDK SUN JRE

Timeline

PublishedJul 9

Latest updateMay 1

Description

Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDsun/jdk6+1

▶NVDsun/jre6+1

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-p45x-6rjm-x9qf: Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote atta↗2022-05-01

▶

CVEList

CVE-2008-3110: Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote atta↗2008-07-09

▶

📋Vendor Advisories

Red Hat

security flaw↗2008-07-08

▶

💬Community

Bugzilla

CVE-2008-3110 security flaw↗2018-08-16

▶

Bugzilla

CVE-2008-3109 CVE-2008-3110 Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)↗2008-07-09

▶