Vulnerability Name:

CVE-2008-3108 (CCN-43656)

Assigned:2008-07-08
Published:2008-07-08
Updated:2019-07-31
Summary:Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-3108

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2008-09-24

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SA:2008:042

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SA:2008:043

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SA:2008:045

Source: BUGTRAQ
Type: Mailing List, Third Party Advisory
20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and

Source: CCN
Type: RHSA-2008-0638
Low: Red Hat Network Satellite Server IBM Java Runtime security update

Source: CCN
Type: RHSA-2008-0790
Critical: java-1.5.0-ibm security update

Source: CCN
Type: RHSA-2008-1043
Important: java-1.4.2-bea security update

Source: CCN
Type: RHSA-2008-1044
Important: java-1.5.0-bea security update

Source: CCN
Type: SA31010
Sun Java JDK / JRE Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
31010

Source: SECUNIA
Type: Third Party Advisory
31320

Source: SECUNIA
Type: Third Party Advisory
31497

Source: SECUNIA
Type: Third Party Advisory
31600

Source: SECUNIA
Type: Third Party Advisory
31736

Source: CCN
Type: SA32018
Mac OS X Java Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
32018

Source: CCN
Type: SA32179
VMware VirtualCenter Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
32179

Source: CCN
Type: SA32180
VMware ESX Server Sun Java JDK / JRE Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
32180

Source: SECUNIA
Type: Third Party Advisory
33236

Source: SECUNIA
Type: Third Party Advisory
33237

Source: SECUNIA
Type: Third Party Advisory
37386

Source: GENTOO
Type: Third Party Advisory
GLSA-200911-02

Source: CCN
Type: SECTRACK ID: 1020461
Java Runtime Environment (JRE) Buffer Overflow in Processing Fonts Lets Remote Users Access Files and Gain Privileges on the Target System

Source: CCN
Type: Sun Alert ID: 238666
A Security Vulnerability with the processing of fonts in the Java Runtime Environment may allow Elevation of Privileges

Source: SUNALERT
Type: Broken Link
238666

Source: CCN
Type: Apple Web site
About the security content of Java for Mac OS X 10.4, Release 7

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT3178

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT3179

Source: CONFIRM
Type: Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm

Source: CCN
Type: ASA-2008-300
A Security Vulnerability with the processing of fonts in the Java Runtime Environment may allow Elevation of Privileges (Sun 238666)

Source: CCN
Type: ASA-2008-330
java-1.5.0-ibm security update (RHSA-2008-0790)

Source: CONFIRM
Type: Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm

Source: CCN
Type: ASA-2008-507
java-1.5.0-bea security update (RHSA-2008-1044)

Source: CCN
Type: ASA-2008-508
java-1.4.2-bea security update (RHSA-2008-1043)

Source: CCN
Type: NORTEL BULLETIN ID: 2008008988, Rev 1
Nortel Response to Sun Java JDK / JRE Multiple Vulnerabilities

Source: CONFIRM
Type: Third Party Advisory
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014

Source: CCN
Type: NORTEL BULLETIN ID: 2008008988, Rev 2
Nortel Response to Sun Java JDK / JRE Multiple Vulnerabilities

Source: CONFIRM
Type: Third Party Advisory
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:0790

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:1043

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:1044

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

Source: BID
Type: Third Party Advisory, VDB Entry
30147

Source: CCN
Type: BID-30147
Sun Java Runtime Environment Font Processing Buffer Overflow Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1020461

Source: CERT
Type: Third Party Advisory, US Government Resource
TA08-193A

Source: CCN
Type: VMSA-2008-0016
VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

Source: CONFIRM
Type: Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0016.html

Source: VUPEN
Type: Third Party Advisory
ADV-2008-2056

Source: VUPEN
Type: Third Party Advisory
ADV-2008-2740

Source: XF
Type: UNKNOWN
sun-jre-font-bo(43656)

Source: XF
Type: VDB Entry
sun-jre-font-bo(43656)

Source: SUSE
Type: SUSE-SA:2008:042
Sun Java security update

Source: SUSE
Type: SUSE-SA:2008:045
IBM Java Security update

Vulnerable Configuration:Configuration 1:
  • cpe:/a:sun:jre:1.3.1:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_2:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_03:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_04:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_05:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_06:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_07:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_08:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_09:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_10:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_11:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_12:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_13:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_14:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_15:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_16:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_17:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_18:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_19:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_20:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_21:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_22:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1_23:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_17:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2_18:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update10:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update3:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update4:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update5:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update6:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update7:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update8:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update9:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:sun:jdk:1.5.0:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update9:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:sun:sdk:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_23:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:sun:jre:1.3.1:-:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update3:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update7:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update8:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update9:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update10:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update15:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update16:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update18:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update19:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update20:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update4:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update8:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2:update1:linux:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2:update2:linux:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2:update3:linux:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2:update4:linux:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2:update5:linux:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update4:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update5:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.5.0:update6:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2:update17:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.4.2:update16:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.4.2_01:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update12:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update17:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*
  • AND
  • cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:server:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:esx_server:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:server:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:server:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:server:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:server:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:server:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:esx_server:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:server:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:virtualcenter:2.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20083108
    V
    		CVE-2008-3108
    2017-09-27
    oval:org.mitre.oval:def:22662
    P
    		ELSA-2008:0790: java-1.5.0-ibm security update (Critical)
    2014-05-26
    oval:com.redhat.rhsa:def:20080790
    P
    		RHSA-2008:0790: java-1.5.0-ibm security update (Critical)
    2008-07-31
    BACK
    sun jre 1.3.1
    sun jre 1.3.1_2
    sun jre 1.3.1_03
    sun jre 1.3.1_04
    sun jre 1.3.1_05
    sun jre 1.3.1_06
    sun jre 1.3.1_07
    sun jre 1.3.1_08
    sun jre 1.3.1_09
    sun jre 1.3.1_10
    sun jre 1.3.1_11
    sun jre 1.3.1_12
    sun jre 1.3.1_13
    sun jre 1.3.1_14
    sun jre 1.3.1_15
    sun jre 1.3.1_16
    sun jre 1.3.1_17
    sun jre 1.3.1_18
    sun jre 1.3.1_19
    sun jre 1.3.1_20
    sun jre 1.3.1_21
    sun jre 1.3.1_22
    sun jre 1.3.1_23
    sun jre 1.4.2
    sun jre 1.4.2_1
    sun jre 1.4.2_2
    sun jre 1.4.2_3
    sun jre 1.4.2_4
    sun jre 1.4.2_5
    sun jre 1.4.2_6
    sun jre 1.4.2_7
    sun jre 1.4.2_8
    sun jre 1.4.2_9
    sun jre 1.4.2_10
    sun jre 1.4.2_11
    sun jre 1.4.2_12
    sun jre 1.4.2_13
    sun jre 1.4.2_14
    sun jre 1.4.2_15
    sun jre 1.4.2_16
    sun jre 1.4.2_17
    sun jre 1.4.2_18
    sun jre 1.5.0 -
    sun jre 1.5.0 update1
    sun jre 1.5.0 update10
    sun jre 1.5.0 update2
    sun jre 1.5.0 update3
    sun jre 1.5.0 update4
    sun jre 1.5.0 update5
    sun jre 1.5.0 update6
    sun jre 1.5.0 update7
    sun jre 1.5.0 update8
    sun jre 1.5.0 update9
    sun jdk 1.5.0 -
    sun jdk 1.5.0 update1
    sun jdk 1.5.0 update10
    sun jdk 1.5.0 update2
    sun jdk 1.5.0 update3
    sun jdk 1.5.0 update4
    sun jdk 1.5.0 update5
    sun jdk 1.5.0 update6
    sun jdk 1.5.0 update7
    sun jdk 1.5.0 update7_b03
    sun jdk 1.5.0 update8
    sun jdk 1.5.0 update9
    sun sdk 1.3.1
    sun sdk 1.3.1_01
    sun sdk 1.3.1_01a
    sun sdk 1.3.1_02
    sun sdk 1.3.1_03
    sun sdk 1.3.1_04
    sun sdk 1.3.1_05
    sun sdk 1.3.1_06
    sun sdk 1.3.1_07
    sun sdk 1.3.1_08
    sun sdk 1.3.1_09
    sun sdk 1.3.1_10
    sun sdk 1.3.1_11
    sun sdk 1.3.1_12
    sun sdk 1.3.1_13
    sun sdk 1.3.1_14
    sun sdk 1.3.1_15
    sun sdk 1.3.1_16
    sun sdk 1.3.1_17
    sun sdk 1.3.1_18
    sun sdk 1.3.1_19
    sun sdk 1.3.1_20
    sun sdk 1.3.1_21
    sun sdk 1.3.1_22
    sun sdk 1.3.1_23
    sun sdk 1.4.2
    sun sdk 1.4.2_1
    sun sdk 1.4.2_02
    sun sdk 1.4.2_2
    sun sdk 1.4.2_03
    sun sdk 1.4.2_3
    sun sdk 1.4.2_04
    sun sdk 1.4.2_4
    sun sdk 1.4.2_5
    sun sdk 1.4.2_6
    sun sdk 1.4.2_7
    sun sdk 1.4.2_08
    sun sdk 1.4.2_8
    sun sdk 1.4.2_09
    sun sdk 1.4.2_9
    sun sdk 1.4.2_10
    sun sdk 1.4.2_11
    sun sdk 1.4.2_12
    sun sdk 1.4.2_13
    sun sdk 1.4.2_14
    sun sdk 1.4.2_15
    sun sdk 1.4.2_16
    sun sdk 1.4.2_17
    sun sdk 1.4.2_18
    sun jre 1.3.1
    sun sdk 1.4.2
    sun jre 1.5.0 update3
    sun jdk 1.5.0 update10
    sun jre 1.5.0 update7
    sun jre 1.5.0 update8
    sun jre 1.5.0 update9
    sun jre 1.5.0 update10
    sun sdk 1.4.2_11
    sun sdk 1.4.2_12
    sun sdk 1.4.2_13
    sun sdk 1.4.2_14
    sun jdk 1.5.0 update1
    sun jdk 1.5.0 update12
    sun jdk 1.5.0 update2
    sun jdk 1.5.0 update3
    sun jdk 1.5.0 update4
    sun jdk 1.5.0 update5
    sun jdk 1.5.0 update6
    sun jdk 1.5.0 update7
    sun jdk 1.5.0 update8
    sun jdk 1.5.0 update9
    sun jre 1.3.0
    sun jre 1.3.1 update1
    sun jre 1.3.1 update15
    sun jre 1.3.1 update16
    sun jre 1.3.1 update18
    sun jre 1.3.1 update19
    sun jre 1.3.1 update20
    sun jre 1.3.1 update4
    sun jre 1.3.1 update8
    sun jre 1.4.2 update1
    sun jre 1.4.2 update2
    sun jre 1.4.2 update3
    sun jre 1.4.2 update4
    sun jre 1.4.2 update5
    sun jre 1.5.0 update1
    sun jre 1.5.0 update2
    sun jre 1.5.0 update4
    sun jre 1.5.0 update5
    sun jre 1.5.0 update6
    sun sdk 1.3.0
    sun sdk 1.3.1_01
    sun sdk 1.3.1_16
    sun sdk 1.3.1_18
    sun sdk 1.3.1_19
    sun sdk 1.3.1_20
    sun sdk 1.4.2_03
    sun sdk 1.4.2_08
    sun sdk 1.4.2_09
    sun sdk 1.4.2_10
    sun sdk 1.4.2_15
    sun jre 1.4.2 update17
    sun sdk 1.4.2_17
    sun sdk 1.4.2_04
    sun sdk 1.4.2_02
    sun sdk 1.4.2_16
    sun jre 1.4.2 update16
    sun sdk 1.4.2_05
    sun sdk 1.4.2_06
    sun sdk 1.4.2_07
    sun sdk 1.4.2_01
    sun sdk 1.3.1_02
    sun sdk 1.3.1_04
    sun sdk 1.3.1_05
    sun sdk 1.3.1_06
    sun sdk 1.3.1_07
    sun sdk 1.3.1_08
    sun sdk 1.3.1_09
    sun sdk 1.3.1_10
    sun sdk 1.3.1_11
    sun sdk 1.3.1_12
    sun sdk 1.3.1_13
    sun sdk 1.3.1_14
    sun sdk 1.3.1_15
    sun sdk 1.3.1_17
    sun sdk 1.3.1_21
    sun sdk 1.3.1_22
    sun jre 1.3.1 update2
    sun jre 1.3.1 update12
    sun jre 1.3.1 update17
    sun sdk 1.3.1_03
    novell linux desktop 9
    apple mac os x 10.4
    apple mac os x 10.4.1
    apple mac os x server 10.4.1
    apple mac os x server 10.4
    apple mac os x server 10.4.2
    apple mac os x 10.4.2
    apple mac os x 10.4.4
    apple mac os x 10.4.3
    apple mac os x server 10.4.3
    apple mac os x server 10.4.4
    apple mac os x 10.4.5
    apple mac os x server 10.4.5
    apple mac os x 10.4.6
    redhat rhel extras 3
    redhat rhel extras 4
    apple mac os x server 10.4.6
    apple mac os x 10.4.7
    apple mac os x server 10.4.7
    vmware workstation 5.5.1
    apple mac os x server 10.4.8
    apple mac os x 10.4.8
    apple mac os x server 10.4.9
    apple mac os x 10.4.9
    vmware workstation 6.0
    apple mac os x 10.4.10
    apple mac os x server 10.4.10
    apple mac os x 10.5
    apple mac os x server 10.5
    apple mac os x 10.5.1
    apple mac os x server 10.5.1
    apple mac os x 10.5.2
    vmware ace 2.0
    apple mac os x server 10.5.2
    novell open enterprise server *
    vmware ace 1.0
    vmware ace 1.0.3
    vmware server 1.0.3
    vmware workstation 5.5
    vmware workstation 5.5.3
    vmware workstation 5.5.4
    novell opensuse 10.2
    novell opensuse 10.3
    vmware ace 2.0.3
    vmware ace 2.0.1
    vmware ace 2.0.2
    vmware esx server 3.5
    vmware server 1.0
    vmware workstation 5.5.0
    vmware workstation 5.5.2
    vmware workstation 5.5.5
    vmware workstation 5.5.6
    vmware workstation 6.0.1
    vmware workstation 6.0.2
    vmware workstation 6.0.3
    vmware ace 1.0.1
    vmware ace 1.0.2
    vmware ace 1.0.4
    vmware ace 1.0.5
    vmware server 1.0.1
    vmware server 1.0.2
    vmware server 1.0.4
    vmware server 1.0.5
    novell opensuse 11.0
    novell suse linux enterprise server 10 sp2
    apple mac os x server 10.5.3
    apple mac os x 10.5.3
    vmware esx server 3.0.3
    vmware server 1.0.6
    vmware workstation 5.5.7
    vmware workstation 6.0.4
    vmware ace 1.0.6
    vmware ace 2.0.4
    vmware virtualcenter 2.5