CyberSec.Space Logo
Back to CVE Browser

CVE-2008-3108

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0750%
EPSS Percentile25.67th
PublishedJul 9, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.

Affected Platforms (CPE)

📦
Sun

Jre

= 1.3.1
📦
Sun

Jre

= 1.3.1_2
📦
Sun

Jre

= 1.3.1_03
📦
Sun

Jre

= 1.3.1_04
📦
Sun

Jre

= 1.3.1_05
📦
Sun

Jre

= 1.3.1_06
📦
Sun

Jre

= 1.3.1_07
📦
Sun

Jre

= 1.3.1_08
📦
Sun

Jre

= 1.3.1_09
📦
Sun

Jre

= 1.3.1_10
📦
Sun

Jre

= 1.3.1_11
📦
Sun

Jre

= 1.3.1_12
📦
Sun

Jre

= 1.3.1_13
📦
Sun

Jre

= 1.3.1_14
📦
Sun

Jre

= 1.3.1_15
📦
Sun

Jre

= 1.3.1_16
📦
Sun

Jre

= 1.3.1_17
📦
Sun

Jre

= 1.3.1_18
📦
Sun

Jre

= 1.3.1_19
📦
Sun

Jre

= 1.3.1_20
📦
Sun

Jre

= 1.3.1_21
📦
Sun

Jre

= 1.3.1_22
📦
Sun

Jre

= 1.3.1_23
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2_1
📦
Sun

Jre

= 1.4.2_2
📦
Sun

Jre

= 1.4.2_3
📦
Sun

Jre

= 1.4.2_4
📦
Sun

Jre

= 1.4.2_5
📦
Sun

Jre

= 1.4.2_6
📦
Sun

Jre

= 1.4.2_7
📦
Sun

Jre

= 1.4.2_8
📦
Sun

Jre

= 1.4.2_9
📦
Sun

Jre

= 1.4.2_10
📦
Sun

Jre

= 1.4.2_11
📦
Sun

Jre

= 1.4.2_12
📦
Sun

Jre

= 1.4.2_13
📦
Sun

Jre

= 1.4.2_14
📦
Sun

Jre

= 1.4.2_15
📦
Sun

Jre

= 1.4.2_16
📦
Sun

Jre

= 1.4.2_17
📦
Sun

Jre

= 1.4.2_18
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jre

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Jdk

= 1.5.0
📦
Sun

Sdk

= 1.3.1
📦
Sun

Sdk

= 1.3.1_01
📦
Sun

Sdk

= 1.3.1_01a
📦
Sun

Sdk

= 1.3.1_02
📦
Sun

Sdk

= 1.3.1_03
📦
Sun

Sdk

= 1.3.1_04
📦
Sun

Sdk

= 1.3.1_05
📦
Sun

Sdk

= 1.3.1_06
📦
Sun

Sdk

= 1.3.1_07
📦
Sun

Sdk

= 1.3.1_08
📦
Sun

Sdk

= 1.3.1_09
📦
Sun

Sdk

= 1.3.1_10
📦
Sun

Sdk

= 1.3.1_11
📦
Sun

Sdk

= 1.3.1_12
📦
Sun

Sdk

= 1.3.1_13
📦
Sun

Sdk

= 1.3.1_14
📦
Sun

Sdk

= 1.3.1_15
📦
Sun

Sdk

= 1.3.1_16
📦
Sun

Sdk

= 1.3.1_17
📦
Sun

Sdk

= 1.3.1_18
📦
Sun

Sdk

= 1.3.1_19
📦
Sun

Sdk

= 1.3.1_20
📦
Sun

Sdk

= 1.3.1_21
📦
Sun

Sdk

= 1.3.1_22
📦
Sun

Sdk

= 1.3.1_23
📦
Sun

Sdk

= 1.4.2
📦
Sun

Sdk

= 1.4.2_1
📦
Sun

Sdk

= 1.4.2_2
📦
Sun

Sdk

= 1.4.2_02
📦
Sun

Sdk

= 1.4.2_03
📦
Sun

Sdk

= 1.4.2_3
📦
Sun

Sdk

= 1.4.2_04
📦
Sun

Sdk

= 1.4.2_4
📦
Sun

Sdk

= 1.4.2_5
📦
Sun

Sdk

= 1.4.2_6
📦
Sun

Sdk

= 1.4.2_7
📦
Sun

Sdk

= 1.4.2_8
📦
Sun

Sdk

= 1.4.2_08
📦
Sun

Sdk

= 1.4.2_09
📦
Sun

Sdk

= 1.4.2_9
📦
Sun

Sdk

= 1.4.2_10
📦
Sun

Sdk

= 1.4.2_11
📦
Sun

Sdk

= 1.4.2_12
📦
Sun

Sdk

= 1.4.2_13
📦
Sun

Sdk

= 1.4.2_14
📦
Sun

Sdk

= 1.4.2_15
📦
Sun

Sdk

= 1.4.2_16
📦
Sun

Sdk

= 1.4.2_17
📦
Sun

Sdk

= 1.4.2_18

References & Advisories

🔗 http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html
🔗 http://marc.info/?l=bugtraq&m=122331139823057&w=2
🔗 http://secunia.com/advisories/31010
🔗 http://secunia.com/advisories/31320
🔗 http://secunia.com/advisories/31497

Related Vulnerabilities

CVE-2012-508610.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 3...

CVE-2013-243110.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6...

CVE-2004-276410.0

Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untru...

CVE-2013-243210.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 a...