[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-3922Date: (C)2007-07-20   (M)2023-12-22


Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1018428
SUNALERT-102995
BID-25054
SECUNIA-26314
SECUNIA-26369
SECUNIA-26631
SECUNIA-26645
SECUNIA-26933
SECUNIA-27266
SECUNIA-27635
SECUNIA-28115
SECUNIA-30805
ADV-2007-2573
ADV-2007-3009
ADV-2007-3861
ADV-2007-4224
APPLE-SA-2007-12-14
BEA07-177.00
GLSA-200709-15
RHSA-2007:0818
RHSA-2007:0829
RHSA-2008:0133
SSA:2007-243-01
SSRT071465
SUSE-SA:2007:056
http://docs.info.apple.com/article.html?artnum=307177
http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm
oval:org.mitre.oval:def:10387
sun-java-class-unauthorized-access(35491)

CPE    1
cpe:/a:sun:sdk

© SecPod Technologies