SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2007-5232

Date: (C)2007-10-05 (M)2023-12-22

Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.0
Exploit Score: 4.9
Impact Score: 4.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE

Reference:

SECTRACK-1018768

SUNALERT-103079

http://www.securityfocus.com/archive/1/482926/100/0/threaded

SUNALERT-201519

APPLE-SA-2007-12-14

SUSE-SA:2007:055

SUSE-SA:2008:025

http://conference.hitb.org/hitbsecconf2007kl/?page_id=148

http://conference.hitb.org/hitbsecconf2007kl/materials/D2T1%20-%20Billy%20Rios%20-%20Slipping%20Past%20the%20Firewall.pdf

http://docs.info.apple.com/article.html?artnum=307177

http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html

http://www.vmware.com/security/advisories/VMSA-2008-0010.html

oval:org.mitre.oval:def:9331

sun-java-appletcaching-security-bypass(36941)

cpe:/a:sun:sdk:1.3.1_20
cpe:/a:sun:sdk:1.4.2_03
cpe:/a:sun:jre:1.3.1:update20
cpe:/a:sun:jdk:1.5.0:update10
...

© SecPod Technologies