First published: Wed Jul 09 2008(Updated: )
Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sun JRE | =1.4.2_7 | |
Sun JRE | =1.4.2_16 | |
Sun JRE | =1.3.1 | |
Sun JRE | =1.3.1_10 | |
Sun JRE | =1.3.1_06 | |
Sun JRE | =1.4.2_4 | |
Sun JRE | =1.4.2_2 | |
Sun JRE | =1.3.1_20 | |
Sun JRE | =1.3.1_22 | |
Sun JRE | =1.5.0-update2 | |
Sun JRE | =1.3.1_2 | |
Sun JRE | =1.4.2_15 | |
Sun JRE | =1.4.2_13 | |
Sun JRE | =1.4.2_1 | |
Sun JRE | =1.4.2_8 | |
Sun JRE | =1.3.1_16 | |
Sun JRE | =1.3.1_19 | |
Sun JRE | =1.5.0-update8 | |
Sun JRE | =1.3.1_11 | |
Sun JRE | =1.3.1_17 | |
Sun JRE | =1.4.2_12 | |
Sun JRE | =1.3.1_12 | |
Sun JRE | =1.3.1_03 | |
Sun JRE | =1.3.1_14 | |
Sun JRE | =1.3.1_08 | |
Sun JRE | =1.4.2_18 | |
Sun JRE | =1.4.2_14 | |
Sun JRE | =1.5.0-update7 | |
Sun JRE | =1.5.0-update3 | |
Sun JRE | =1.3.1_07 | |
Sun JRE | =1.3.1_05 | |
Sun JRE | =1.4.2_10 | |
Sun JRE | =1.4.2_17 | |
Sun JRE | =1.5.0-update5 | |
Sun JRE | =1.4.2_9 | |
Sun JRE | =1.4.2 | |
Sun JRE | =1.5.0-update6 | |
Sun JRE | =1.3.1_13 | |
Sun JRE | =1.3.1_04 | |
Sun JRE | =1.3.1_09 | |
Sun JRE | =1.5.0-update9 | |
Sun JRE | =1.4.2_11 | |
Sun JRE | =1.5.0-update1 | |
Sun JRE | =1.3.1_18 | |
Sun JRE | =1.3.1_23 | |
Sun JRE | =1.5.0-update10 | |
Sun JRE | =1.3.1_15 | |
Sun JRE | =1.4.2_3 | |
Sun JRE | =1.5.0-update4 | |
Sun JRE | =1.4.2_5 | |
Sun JRE | =1.3.1_21 | |
Sun JRE | =1.4.2_6 | |
Sun JRE | =1.5.0 | |
Sun JDK | =1.5.0-update3 | |
Sun JDK | =1.5.0-update9 | |
Sun JDK | =1.5.0-update6 | |
Sun JDK | =1.5.0-update1 | |
Sun JDK | =1.5.0-update4 | |
Sun JDK | =1.5.0-update7 | |
Sun JDK | =1.5.0-update5 | |
Sun JDK | =1.5.0-update7_b03 | |
Sun JDK | =1.5.0-update2 | |
Sun JDK | =1.5.0-update8 | |
Sun JDK | =1.5.0-update10 | |
Sun JDK | =1.5.0 | |
Sun SDK | =1.3.1_03 | |
Sun SDK | =1.3.1_23 | |
Sun SDK | =1.4.2 | |
Sun SDK | =1.3.1_19 | |
Sun SDK | =1.3.1 | |
Sun SDK | =1.3.1_08 | |
Sun SDK | =1.4.2_10 | |
Sun SDK | =1.4.2_12 | |
Sun SDK | =1.3.1_15 | |
Sun SDK | =1.4.2_17 | |
Sun SDK | =1.4.2_14 | |
Sun SDK | =1.4.2_04 | |
Sun SDK | =1.4.2_13 | |
Sun SDK | =1.4.2_6 | |
Sun SDK | =1.3.1_07 | |
Sun SDK | =1.4.2_2 | |
Sun SDK | =1.3.1_10 | |
Sun SDK | =1.4.2_5 | |
Sun SDK | =1.3.1_06 | |
Sun SDK | =1.4.2_1 | |
Sun SDK | =1.4.2_18 | |
Sun SDK | =1.3.1_12 | |
Sun SDK | =1.4.2_4 | |
Sun SDK | =1.3.1_20 | |
Sun SDK | =1.3.1_17 | |
Sun SDK | =1.3.1_02 | |
Sun SDK | =1.3.1_18 | |
Sun SDK | =1.3.1_01 | |
Sun SDK | =1.3.1_16 | |
Sun SDK | =1.3.1_01a | |
Sun SDK | =1.3.1_22 | |
Sun SDK | =1.3.1_14 | |
Sun SDK | =1.4.2_7 | |
Sun SDK | =1.3.1_13 | |
Sun SDK | =1.4.2_09 | |
Sun SDK | =1.4.2_8 | |
Sun SDK | =1.4.2_02 | |
Sun SDK | =1.4.2_16 | |
Sun SDK | =1.4.2_11 | |
Sun SDK | =1.3.1_09 | |
Sun SDK | =1.4.2_9 | |
Sun SDK | =1.3.1_04 | |
Sun SDK | =1.3.1_21 | |
Sun SDK | =1.4.2_08 | |
Sun SDK | =1.3.1_05 | |
Sun SDK | =1.4.2_03 | |
Sun SDK | =1.4.2_3 | |
Sun SDK | =1.3.1_11 | |
Sun SDK | =1.4.2_15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-3108 has a medium severity rating due to the potential for local privilege escalation via vulnerabilities in font processing within the Sun Java Runtime Environment.
To fix CVE-2008-3108, upgrade to the latest version of the Sun Java Runtime Environment or apply the specific updates that address this vulnerability.
CVE-2008-3108 affects Sun Java Runtime Environment versions 5.0 before Update 10, 1.4.x before 1.4.2_18, and 1.3.x before 1.3.1_23.
CVE-2008-3108 is primarily a local privilege escalation vulnerability that requires an attacker to have access to the affected system.
Using unpatched versions of Java that are affected by CVE-2008-3108 poses a risk, as attackers could exploit the vulnerability to gain higher privileges.