Launchpad.net

CVE 2008-3107

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Related bugs and status

CVE-2008-3107 (Candidate) is related to these bugs:

Bug #255011: sru request for sun-java5

		In	Importance	Status
255011	sru request for sun-java5	sun-java5 (Ubuntu)	Undecided	Invalid
255011	sru request for sun-java5	sun-java5 (Ubuntu Dapper)	Undecided	Fix Released
255011	sru request for sun-java5	sun-java5 (Ubuntu Hardy)	Undecided	Fix Released
255011	sru request for sun-java5	sun-java5 (Ubuntu Intrepid)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

SUNALERT: 238967
BID: 30141
SECUNIA: 31010
REDHAT: RHSA-2008:0594
REDHAT: RHSA-2008:0595
CERT: TA08-193A
SECUNIA: 31055
SUSE: SUSE-SA:2008:042
SECUNIA: 31497
SECUNIA: 31600
CONFIRM: http://support.apple.c...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2008-09-24
SECUNIA: 32018
CONFIRM: http://www.vmware.com/...
SECUNIA: 32180
SECUNIA: 32179
SECTRACK: 1020455
GENTOO: GLSA-200911-02
SECUNIA: 37386
VUPEN: ADV-2008-2056
VUPEN: ADV-2008-2740
BUGTRAQ: 20081004 VMSA-2008-001...
XF: sun-virtualmachine-una...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20081004 VMSA-2008-001...