CVE Vulnerabilities

CVE-2007-3698

Published: Jul 11, 2007 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.4.2_14, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.

Affected Software

Name Vendor Start Version End Version
Jdk Sun 1.5.0-update10 (including) 1.5.0-update10 (including)
Jdk Sun 1.5.0-update11 (including) 1.5.0-update11 (including)
Jdk Sun 1.5.0-update7 (including) 1.5.0-update7 (including)
Jdk Sun 1.5.0-update8 (including) 1.5.0-update8 (including)
Jdk Sun 1.5.0-update9 (including) 1.5.0-update9 (including)
Jdk Sun 1.6.0-update1 (including) 1.6.0-update1 (including)
Jre Sun 1.4.2_11 (including) 1.4.2_11 (including)
Jre Sun 1.4.2_12 (including) 1.4.2_12 (including)
Jre Sun 1.4.2_13 (including) 1.4.2_13 (including)
Jre Sun 1.4.2_14 (including) 1.4.2_14 (including)
Jre Sun 1.5.0-update10 (including) 1.5.0-update10 (including)
Jre Sun 1.5.0-update11 (including) 1.5.0-update11 (including)
Jre Sun 1.5.0-update7 (including) 1.5.0-update7 (including)
Jre Sun 1.5.0-update8 (including) 1.5.0-update8 (including)
Jre Sun 1.5.0-update9 (including) 1.5.0-update9 (including)
Jre Sun 1.6.0-update_1 (including) 1.6.0-update_1 (including)
Sdk Sun 1.4.2_11 (including) 1.4.2_11 (including)
Sdk Sun 1.4.2_12 (including) 1.4.2_12 (including)
Sdk Sun 1.4.2_13 (including) 1.4.2_13 (including)
Sdk Sun 1.4.2_14 (including) 1.4.2_14 (including)

References