Oval Definition:	oval:org.opensuse.security:def:20083111
Revision Date: 2017-09-27 Version: 1 Title: CVE-2008-3111 Description: Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220. Family: unix Class: vulnerability Status: Reference(s): CVE-2008-3111 Platform(s): Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server openSUSE 10.3 openSUSE 11.0 SUSE Linux Enterprise SDK 10 SP2 Product(s): Definition Synopsis sles10-sp2-sdk is installed AND Package Information java-1_4_2-ibm-devel less than 1.4.2_sr11-0.6 OR java-1_4_2-ibm-jdbc less than 1.4.2_sr11-0.6 OR java-1_4_2-ibm-plugin less than 1.4.2_sr11-0.6 OR java-1_4_2-ibm less than 1.4.2_sr11-0.6
BACK