Unrated severityNVD Advisory· Published Jul 9, 2008· Updated Apr 23, 2026
CVE-2008-3114
CVE-2008-3114
Description
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.
Affected products
77cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:*:update_15:*:*:*:*:*:*range: <=5.0
- cpe:2.3:a:sun:jdk:*:update_6:*:*:*:*:*:*range: <=6
cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*+ 38 more
- cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*range: <=1.4.2_17
- cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_01:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_02:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_03:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_04:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_05:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_06:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_07:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:*:update_15:*:*:*:*:*:*range: <=5.0
- cpe:2.3:a:sun:jre:*:update_6:*:*:*:*:*:*range: <=6
cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*range: <=1.4.2_17
- cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_01:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
40- sunsolve.sun.com/search/document.donvdPatch
- secunia.com/advisories/31010nvdVendor Advisory
- www.us-cert.gov/cas/techalerts/TA08-193A.htmlnvdUS Government Resource
- lists.apple.com/archives/security-announce//2008/Sep/msg00008.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlnvd
- marc.infonvd
- rhn.redhat.com/errata/RHSA-2008-0955.htmlnvd
- secunia.com/advisories/31055nvd
- secunia.com/advisories/31320nvd
- secunia.com/advisories/31497nvd
- secunia.com/advisories/31600nvd
- secunia.com/advisories/31736nvd
- secunia.com/advisories/32018nvd
- secunia.com/advisories/32179nvd
- secunia.com/advisories/32180nvd
- secunia.com/advisories/32436nvd
- secunia.com/advisories/32826nvd
- secunia.com/advisories/33194nvd
- secunia.com/advisories/35065nvd
- secunia.com/advisories/37386nvd
- security.gentoo.org/glsa/glsa-200911-02.xmlnvd
- support.apple.com/kb/HT3178nvd
- support.apple.com/kb/HT3179nvd
- support.avaya.com/elmodocs2/security/ASA-2008-428.htmnvd
- www.redhat.com/support/errata/RHSA-2008-0594.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0595.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0790.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0906.htmlnvd
- www.securityfocus.com/archive/1/497041/100/0/threadednvd
- www.securityfocus.com/bid/30148nvd
- www.securitytracker.com/idnvd
- www.vmware.com/security/advisories/VMSA-2008-0016.htmlnvd
- www.vupen.com/english/advisories/2008/2056/referencesnvd
- www.vupen.com/english/advisories/2008/2740nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43668nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755nvd
News mentions
0No linked articles in our index yet.