Launchpad.net

CVE 2008-3115

Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.

Related bugs and status

CVE-2008-3115 (Candidate) is related to these bugs:

Bug #255011: sru request for sun-java5

		In	Importance	Status
255011	sru request for sun-java5	sun-java5 (Ubuntu)	Undecided	Invalid
255011	sru request for sun-java5	sun-java5 (Ubuntu Dapper)	Undecided	Fix Released
255011	sru request for sun-java5	sun-java5 (Ubuntu Hardy)	Undecided	Fix Released
255011	sru request for sun-java5	sun-java5 (Ubuntu Intrepid)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

SUNALERT: 238966
BID: 30142
SECUNIA: 31010
CERT: TA08-193A
SUSE: SUSE-SA:2008:042
SECUNIA: 31600
CONFIRM: http://support.apple.c...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2008-09-24
SECUNIA: 32018
CONFIRM: http://www.vmware.com/...
SECUNIA: 32180
SECUNIA: 32179
SECTRACK: 1020460
GENTOO: GLSA-200911-02
SECUNIA: 37386
VUPEN: ADV-2008-2056
VUPEN: ADV-2008-2740
BUGTRAQ: 20081004 VMSA-2008-001...
XF: sun-securestatic-weak-...
BUGTRAQ: 20081004 VMSA-2008-001...