CVE Vulnerabilities

CVE-2007-3922

Published: Jul 21, 2007 | Modified: Sep 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet’s outbound connections by connecting to certain localhost services running on the machine that loaded the applet.

Affected Software

Name Vendor Start Version End Version
Jdk Sun * 1.5.0
Jdk Sun * 1.6.0
Jre Sun * 1.5.0
Jre Sun * 1.6.0
Sdk Sun * 1.4.2_14
Extras for RHEL 4 RedHat java-1.5.0-sun-0:1.5.0.12-1jpp.2.el4 *
Extras for RHEL 4 RedHat java-1.5.0-ibm-1:1.5.0.5-1jpp.2.el4 *
Red Hat Enterprise Linux 2.1 RedHat IBMJava2-JRE-1:1.3.1-17 *
Red Hat Enterprise Linux 2.1 RedHat IBMJava2-SDK-1:1.3.1-17 *
Supplementary for Red Hat Enterprise Linux 5 RedHat java-1.5.0-ibm-1:1.5.0.5-1jpp.0.1.el5 *
Sun-java5 Ubuntu dapper *
Sun-java5 Ubuntu edgy *
Sun-java5 Ubuntu feisty *

References