PT-2008-4534 · Oracle · Jre+3
Published
2008-07-09
·
Updated
2018-10-30
·
CVE-2008-3114
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
JDK and JRE 6 versions 6.0 through 6.0 Update 6
JDK and JRE 5.0 versions 5.0 through 5.0 Update 15
SDK and JRE 1.4.x versions 1.4.0 through 1.4.2 17
Description:
The issue allows context-dependent attackers to obtain sensitive information, specifically the cache location, via an untrusted application.
Recommendations:
For JDK and JRE 6 versions 6.0 through 6.0 Update 6, update to JDK and JRE 6 Update 7 or later.
For JDK and JRE 5.0 versions 5.0 through 5.0 Update 15, update to JDK and JRE 5.0 Update 16 or later.
For SDK and JRE 1.4.x versions 1.4.0 through 1.4.2 17, update to SDK and JRE 1.4.2 18 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jdk
Jre
Java Platform
Sdk