Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-3111

Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.

Published

2008-07-09T23:41:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-20
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	5.0	Yes
Application	sun	jdk	6	Yes
Application	sun	jdk	6	Yes
Application	sun	jdk	6	Yes
Application	sun	jre	1.4	Yes
Application	sun	jre	1.4.2_01	Yes
Application	sun	jre	1.4.2_02	Yes
Application	sun	jre	1.4.2_03	Yes
Application	sun	jre	1.4.2_04	Yes
Application	sun	jre	1.4.2_05	Yes
Application	sun	jre	1.4.2_06	Yes
Application	sun	jre	1.4.2_07	Yes
Application	sun	jre	1.4.2_8	Yes
Application	sun	jre	1.4.2_9	Yes
Application	sun	jre	1.4.2_10	Yes
Application	sun	jre	1.4.2_11	Yes
Application	sun	jre	1.4.2_12	Yes
Application	sun	jre	1.4.2_13	Yes
Application	sun	jre	1.4.2_14	Yes
Application	sun	jre	1.4.2_15	Yes
Application	sun	jre	1.4.2_16	Yes
Application	sun	jre	1.4.2_17	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	5.0	Yes
Application	sun	jre	6	Yes
Application	sun	jre	6	Yes
Application	sun	jre	6	Yes
Application	sun	sdk	1.4	Yes
Application	sun	sdk	1.4.2	Yes
Application	sun	sdk	1.4.2_01	Yes
Application	sun	sdk	1.4.2_02	Yes
Application	sun	sdk	1.4.2_03	Yes
Application	sun	sdk	1.4.2_04	Yes
Application	sun	sdk	1.4.2_05	Yes
Application	sun	sdk	1.4.2_06	Yes
Application	sun	sdk	1.4.2_07	Yes
Application	sun	sdk	1.4.2_08	Yes
Application	sun	sdk	1.4.2_09	Yes
Application	sun	sdk	1.4.2_10	Yes
Application	sun	sdk	1.4.2_11	Yes
Application	sun	sdk	1.4.2_12	Yes
Application	sun	sdk	1.4.2_13	Yes
Application	sun	sdk	1.4.2_14	Yes
Application	sun	sdk	1.4.2_15	Yes
Application	sun	sdk	1.4.2_16	Yes
Application	sun	sdk	1.4.2_17	Yes

References

http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html ([email protected])
http://marc.info/?l=bugtraq&m=122331139823057&w=2 ([email protected])
http://secunia.com/advisories/31010 Vendor Advisory ([email protected])
http://secunia.com/advisories/31055 Vendor Advisory ([email protected])
http://secunia.com/advisories/31320 Vendor Advisory ([email protected])
http://secunia.com/advisories/31497 Vendor Advisory ([email protected])
http://secunia.com/advisories/31600 Vendor Advisory ([email protected])
http://secunia.com/advisories/31736 ([email protected])
http://secunia.com/advisories/32018 Vendor Advisory ([email protected])
http://secunia.com/advisories/32179 Vendor Advisory ([email protected])
http://secunia.com/advisories/32180 Vendor Advisory ([email protected])
http://secunia.com/advisories/37386 Vendor Advisory ([email protected])
http://security.gentoo.org/glsa/glsa-200911-02.xml ([email protected])
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1 Patch ([email protected])
http://support.apple.com/kb/HT3178 ([email protected])
http://support.apple.com/kb/HT3179 ([email protected])
http://www.redhat.com/support/errata/RHSA-2008-0595.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2008-0790.html ([email protected])
http://www.securityfocus.com/archive/1/494505/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/497041/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/30148 ([email protected])
http://www.securitytracker.com/id?1020452 ([email protected])
http://www.us-cert.gov/cas/techalerts/TA08-193A.html US Government Resource ([email protected])
http://www.vmware.com/security/advisories/VMSA-2008-0016.html ([email protected])
http://www.vupen.com/english/advisories/2008/2056/references Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2008/2740 Vendor Advisory ([email protected])
http://www.zerodayinitiative.com/advisories/ZDI-08-043/ ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/43664 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10541 ([email protected])
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=122331139823057&w=2 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31010 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31055 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31320 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31497 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31600 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31736 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32018 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32179 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32180 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/37386 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200911-02.xml (af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT3178 (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT3179 (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2008-0595.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2008-0790.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/494505/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/497041/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/30148 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1020452 (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA08-193A.html US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/security/advisories/VMSA-2008-0016.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2056/references Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2740 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.zerodayinitiative.com/advisories/ZDI-08-043/ (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43664 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10541 (af854a3a-2127-422b-91ae-364da2661108)