Launchpad.net

CVE 2008-3104

Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.

Related bugs and status

CVE-2008-3104 (Candidate) is related to these bugs:

Bug #255011: sru request for sun-java5

		In	Importance	Status
255011	sru request for sun-java5	sun-java5 (Ubuntu)	Undecided	Invalid
255011	sru request for sun-java5	sun-java5 (Ubuntu Dapper)	Undecided	Fix Released
255011	sru request for sun-java5	sun-java5 (Ubuntu Hardy)	Undecided	Fix Released
255011	sru request for sun-java5	sun-java5 (Ubuntu Intrepid)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

SUNALERT: 238968
BID: 30140
SECUNIA: 31010
REDHAT: RHSA-2008:0594
REDHAT: RHSA-2008:0595
CERT: TA08-193A
SECUNIA: 31055
REDHAT: RHSA-2008:0790
SUSE: SUSE-SA:2008:042
SUSE: SUSE-SA:2008:043
SECUNIA: 31269
SECUNIA: 31320
SECUNIA: 31497
SECUNIA: 31600
CONFIRM: http://support.apple.c...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2008-09-24
SUSE: SUSE-SA:2008:045
SECUNIA: 32018
CONFIRM: http://www.vmware.com/...
SECUNIA: 32180
SECUNIA: 32179
SECUNIA: 32436
SECTRACK: 1020459
REDHAT: RHSA-2008:0955
SECUNIA: 32826
REDHAT: RHSA-2008:1043
REDHAT: RHSA-2008:1044
REDHAT: RHSA-2008:1045
SECUNIA: 33236
SECUNIA: 33237
SECUNIA: 33238
SUSE: SUSE-SR:2008:028
SECUNIA: 33194
REDHAT: RHSA-2008:0906
SUSE: SUSE-SR:2009:010
SECUNIA: 35065
CONFIRM: http://support.avaya.c...
CONFIRM: http://support.avaya.c...
CONFIRM: http://support.avaya.c...
GENTOO: GLSA-200911-02
SECUNIA: 37386
VUPEN: ADV-2008-2056
VUPEN: ADV-2008-2740
SECUNIA: 31736
BUGTRAQ: 20081004 VMSA-2008-001...
XF: sun-jre-unspecified-se...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20081004 VMSA-2008-001...