CVE-2008-3104
Description
Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applets outbound connections by connecting to localhost services running on the machine that loaded the applet.
Risk Information
Base Score
9.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score
Exploitation Probability
26.301
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Java SE Development Kit 5.0 | Windows |
| Multiple Vulnerabilities are affected in Java SE Development Kit 6 | Windows |
| (RHSA-2008:1043) Important: java-1.4.2-bea security update java-1.4.2-bea-uninstall-1.4.2.16-1jpp.3.el5.i686.rpm | Linux |
| (RHSA-2008:1044) Important: java-1.5.0-bea security update java-1.5.0-bea-uninstall-1.5.0.14-1jpp.5.el5.i686.rpm | Linux |
| (RHSA-2008:1044) Important: java-1.5.0-bea security update java-1.5.0-bea-uninstall-1.5.0.14-1jpp.5.el5.x86_64.rpm | Linux |
| (RHSA-2008:1045) Important: java-1.6.0-bea security update java-1.6.0-bea-uninstall-1.6.0.03-1jpp.6.el5.i686.rpm | Linux |
| (RHSA-2008:1045) Important: java-1.6.0-bea security update java-1.6.0-bea-uninstall-1.6.0.03-1jpp.6.el5.x86_64.rpm | Linux |
| CVE-2008-3104 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234