JVN/CVE Demo: Nvdinfos

NVD

Id: 2995
Name: CVE-2008-3111
Description: Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.
Reject
CVSS Version: 2
CVSS Score: 10
Severity: High
CVSS Base Score: 10
CVSS Impact Subscore: 10
CVSS Exploit Subscore: 10
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Pub Date: 2017-01-03
Published: 2008-07-09
Modified Date: 2012-10-29
Seq: 2008-3111

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
18986	2995	CVE-2008-3111	APPLE-SA-2008-09-24	View
18987	2995	CVE-2008-3111	SUSE-SA:2008:042	View
18988	2995	CVE-2008-3111	SUSE-SA:2008:043	View
18989	2995	CVE-2008-3111	SUSE-SA:2008:045	View
18990	2995	CVE-2008-3111	20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and	View
18991	2995	CVE-2008-3111	oval:org.mitre.oval:def:10541	View
18992	2995	CVE-2008-3111	GLSA-200911-02	View
18993	2995	CVE-2008-3111	238905	View
18994	2995	CVE-2008-3111	http://support.apple.com/kb/HT3178	View
18995	2995	CVE-2008-3111	http://support.apple.com/kb/HT3179	View
18996	2995	CVE-2008-3111	RHSA-2008:0595	View
18997	2995	CVE-2008-3111	RHSA-2008:0790	View
18998	2995	CVE-2008-3111	20080717 ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow	View
18999	2995	CVE-2008-3111	20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues	View
19000	2995	CVE-2008-3111	30148	View
19001	2995	CVE-2008-3111	1020452	View
19002	2995	CVE-2008-3111	TA08-193A	View
19003	2995	CVE-2008-3111	http://www.vmware.com/security/advisories/VMSA-2008-0016.html	View
19004	2995	CVE-2008-3111	ADV-2008-2056	View
19005	2995	CVE-2008-3111	ADV-2008-2740	View
19006	2995	CVE-2008-3111	http://www.zerodayinitiative.com/advisories/ZDI-08-043/	View
19007	2995	CVE-2008-3111	sun-javawebstart-unspecified-bo(43664)	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
46222	JVNDB-2008-001532	Sun Java Web Start における複数のバッファオーバーフローの脆弱性	Sun Java Web Start には、信頼されていないアプリケーションによる複数のバッファオーバーフローの脆弱性が存在します。	CVE-2008-3111	33224	CVE-2008-3111	2995	10		http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001532.html	2008-07-08	2008-11-26	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.49 MB
Controller render start	2.31 MB
View render complete	12.49 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.68
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	348.08
Event: Controller.beforeRender	4.53
» Processing toolbar data	4.45
Rendering View	466.61
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	452.46
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	8.90
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	2.70
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/2995
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/2995
Remote Port	5792
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.19.64.3
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.19.64.3
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.19.64.3
Unique Id	aCTJTqFyRbrnabxuOBZ9WQAAAHc
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.19.64.3
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.19.64.3
Redirect Unique Id	aCTJTqFyRbrnabxuOBZ9WQAAAHc
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.19.64.3
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.19.64.3
Redirect Redirect Unique Id	aCTJTqFyRbrnabxuOBZ9WQAAAHc
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747241294.35
Request Time	1747241294

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files