Red Hat Bugzilla – Bug 454603
CVE-2008-3109 CVE-2008-3110 Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)
Last modified: 2010-12-20 16:57:27 EST
A vulnerability in the Java Runtime Environment relating to scripting language
support may allow an untrusted applet or application to elevate its privileges.
For example, an untrusted applet may grant itself permissions to read and write
local files or execute local applications that are accessible to the user
running the untrusted applet.
A second vulnerability in the Java Runtime Environment relating to scripting
language support may allow an untrusted applet to access information from
This issue has been addressed via:
RHEL Supplementary version 5 (RHSA-2008:0594 (java-1.6.0-sun) and RHSA-2008:0906 (java-1.6.0-ibm))
Red Hat Enterprise Linux version 4 Extras (RHSA-2008:0906)