Lucene search

[email protected]NVD:CVE-2007-5232

HistoryOct 05, 2007 - 11:17 p.m.

CVE-2007-5232

2007-10-0523:17:00

[email protected]

web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.047 Low

EPSS

Percentile

92.7%

JSON

Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet’s outbound connections via a DNS rebinding attack.

Affected configurations

NVD

Node

sunjdkMatch1.5.0update1

sunjdkMatch1.5.0update10

sunjdkMatch1.5.0update11

sunjdkMatch1.5.0update12

sunjdkMatch1.5.0update2

sunjdkMatch1.5.0update3

sunjdkMatch1.5.0update4

sunjdkMatch1.5.0update5

sunjdkMatch1.5.0update7

sunjdkMatch1.5.0update8

sunjdkMatch1.5.0update9

sunjdkMatch1.6.0update1

sunjdkMatch1.6.0update2

sunjreMatch1.3.0

sunjreMatch1.3.0update5

sunjreMatch1.3.1update1

sunjreMatch1.3.1update16

sunjreMatch1.3.1update18

sunjreMatch1.3.1update19

sunjreMatch1.3.1update1a

sunjreMatch1.3.1update20

sunjreMatch1.4

sunjreMatch1.4.1update3

sunjreMatch1.4.2

sunjreMatch1.4.2_1

sunjreMatch1.4.2_3

sunjreMatch1.4.2_8

sunjreMatch1.4.2_9

sunjreMatch1.4.2_10

sunjreMatch1.4.2_11

sunjreMatch1.4.2_12

sunjreMatch1.4.2_13

sunjreMatch1.4.2_14

sunjreMatch1.4.2_15

sunjreMatch1.5.0update1

sunjreMatch1.5.0update10

sunjreMatch1.5.0update11

sunjreMatch1.5.0update12

sunjreMatch1.5.0update2

sunjreMatch1.5.0update3

sunjreMatch1.5.0update4

sunjreMatch1.5.0update5

sunjreMatch1.5.0update6

sunjreMatch1.5.0update7

sunjreMatch1.5.0update8

sunjreMatch1.5.0update9

sunjreMatch1.6.0update_1

sunjreMatch1.6.0update_2

sunsdkMatch1.3.1_01

sunsdkMatch1.3.1_01a

sunsdkMatch1.3.1_16

sunsdkMatch1.3.1_18

sunsdkMatch1.3.1_19

sunsdkMatch1.3.1_20

sunsdkMatch1.4.2

sunsdkMatch1.4.2_03

sunsdkMatch1.4.2_08

sunsdkMatch1.4.2_09

sunsdkMatch1.4.2_10

sunsdkMatch1.4.2_11

sunsdkMatch1.4.2_12

sunsdkMatch1.4.2_13

sunsdkMatch1.4.2_14

sunsdkMatch1.4.2_15

References

conference.hitb.org/hitbsecconf2007kl/?page_id=148

conference.hitb.org/hitbsecconf2007kl/materials/D2T1%20-%20Billy%20Rios%20-%20Slipping%20Past%20the%20Firewall.pdf

dev2dev.bea.com/pub/advisory/272

docs.info.apple.com/article.html?artnum=307177

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533

lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

secunia.com/advisories/27206

secunia.com/advisories/27261

secunia.com/advisories/27693

secunia.com/advisories/27716

secunia.com/advisories/27804

secunia.com/advisories/28115

secunia.com/advisories/28777

secunia.com/advisories/28880

secunia.com/advisories/29042

secunia.com/advisories/29214

secunia.com/advisories/29340

secunia.com/advisories/29858

secunia.com/advisories/29897

secunia.com/advisories/30676

secunia.com/advisories/30780

security.gentoo.org/glsa/glsa-200804-28.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1

sunsolve.sun.com/search/document.do?assetkey=1-66-201519-1

support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html

www.gentoo.org/security/en/glsa/glsa-200804-20.xml

www.gentoo.org/security/en/glsa/glsa-200806-11.xml

www.kb.cert.org/vuls/id/336105

www.novell.com/linux/security/advisories/2007_55_java.html

www.redhat.com/support/errata/RHSA-2007-0963.html

www.redhat.com/support/errata/RHSA-2007-1041.html

www.redhat.com/support/errata/RHSA-2008-0100.html

www.redhat.com/support/errata/RHSA-2008-0132.html

www.redhat.com/support/errata/RHSA-2008-0156.html

www.securityfocus.com/archive/1/482926/100/0/threaded

www.securityfocus.com/bid/25918

www.securitytracker.com/id?1018768

www.vmware.com/security/advisories/VMSA-2008-0010.html

www.vupen.com/english/advisories/2007/3895

www.vupen.com/english/advisories/2007/4224

www.vupen.com/english/advisories/2008/0609

www.vupen.com/english/advisories/2008/1856/references

exchange.xforce.ibmcloud.com/vulnerabilities/36941

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9331

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.047 Low

EPSS

Percentile

92.7%

JSON

Related for NVD:CVE-2007-5232

freebsd1 prion3 openvas24 cve3 cert1 ubuntucve3 cvelist3 nessus22 nvd2 redhat5 securityvulns1 suse2 vmware2 gentoo1