CVE-2008-3115

Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.

Published: Jul 10, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3115
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-16

OWASP TOP 10:

A6 - Security Misconfiguration

Affected Software
References

Software	From	Fixed in
sun / jdk	5.0-update_12	5.0-update_12.x
sun / jdk	5.0-update_15	5.0-update_15.x
sun / jre	5.0-update_13	5.0-update_13.x
sun / jdk	5.0-update_11	5.0-update_11.x
sun / jdk	5.0-update_8	5.0-update_8.x
sun / jre	5.0-update_14	5.0-update_14.x
sun / jre	6-update_3	6-update_3.x
sun / jre	6-update_4	6-update_4.x
sun / jre	5.0-update_12	5.0-update_12.x
sun / jdk	6-update_1	6-update_1.x
sun / jdk	6-update_3	6-update_3.x
sun / jre	6-update_2	6-update_2.x
sun / jdk	6-update_4	6-update_4.x
sun / jre	5.0-update_9	5.0-update_9.x
sun / jre	5.0-update_8	5.0-update_8.x
sun / jre	5.0-update_7	5.0-update_7.x
sun / jdk	5.0-update_6	5.0-update_6.x
sun / jre	5.0-update_15	5.0-update_15.x
sun / jre	-	6.x
sun / jre	6-update_5	6-update_5.x
sun / jdk	-	6.x
sun / jdk	5.0-update_14	5.0-update_14.x
sun / jdk	6-update_2	6-update_2.x
sun / jdk	5.0-update_13	5.0-update_13.x
sun / jre	5.0-update_6	5.0-update_6.x
sun / jre	5.0-update_11	5.0-update_11.x
sun / jre	6-update_1	6-update_1.x
sun / jdk	6-update_5	6-update_5.x
sun / jdk	5.0-update_10	5.0-update_10.x
sun / jdk	5.0-update_9	5.0-update_9.x
sun / jre	5.0-update_10	5.0-update_10.x
sun / jdk	5.0-update_7	5.0-update_7.x

Vulnerability Database

CVE-2008-3115

Deep Security Visibility Without the Complexity