Vulnerability Description
Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Jdk | <= 5.0 |
| Sun | Jre | <= 5.0 |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html
- http://marc.info/?l=bugtraq&m=122331139823057&w=2
- http://secunia.com/advisories/31010Vendor Advisory
- http://secunia.com/advisories/31320
- http://secunia.com/advisories/31497
- http://secunia.com/advisories/31600
- http://secunia.com/advisories/31736
- http://secunia.com/advisories/32018
- http://secunia.com/advisories/32179
- http://secunia.com/advisories/32180
- http://secunia.com/advisories/32436
- http://secunia.com/advisories/33237
FAQ
What is CVE-2008-3106?
CVE-2008-3106 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vecto...
How severe is CVE-2008-3106?
CVE-2008-3106 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3106?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Jdk, Sun Jre.