{
  "threat_severity" : "Critical",
  "public_date" : "2008-07-08T00:00:00Z",
  "bugzilla" : {
    "description" : "Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)",
    "id" : "454603",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=454603"
  },
  "details" : [ "Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs." ],
  "affected_release" : [ {
    "product_name" : "Extras for RHEL 4",
    "release_date" : "2008-07-14T00:00:00Z",
    "advisory" : "RHSA-2008:0594",
    "cpe" : "cpe:/a:redhat:rhel_extras:4",
    "package" : "java-1.6.0-sun-1:1.6.0.7-1jpp.2.el4"
  }, {
    "product_name" : "Extras for RHEL 4",
    "release_date" : "2008-10-24T00:00:00Z",
    "advisory" : "RHSA-2008:0906",
    "cpe" : "cpe:/a:redhat:rhel_extras:4",
    "package" : "java-1.6.0-ibm-1:1.6.0.2-1jpp.2.el4"
  }, {
    "product_name" : "Supplementary for Red Hat Enterprise Linux 5",
    "release_date" : "2008-07-14T00:00:00Z",
    "advisory" : "RHSA-2008:0594",
    "cpe" : "cpe:/a:redhat:rhel_extras:5",
    "package" : "java-1.6.0-sun-1:1.6.0.7-1jpp.1.el5"
  }, {
    "product_name" : "Supplementary for Red Hat Enterprise Linux 5",
    "release_date" : "2008-10-24T00:00:00Z",
    "advisory" : "RHSA-2008:0906",
    "cpe" : "cpe:/a:redhat:rhel_extras:5",
    "package" : "java-1.6.0-ibm-1:1.6.0.2-1jpp.2.el5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2008-3109\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-3109" ],
  "name" : "CVE-2008-3109",
  "csaw" : false
}