PRIOn knowledge basePRION:CVE-2007-3922Security feature bypass
Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet’s outbound connections by connecting to certain localhost services running on the machine that loaded the applet.
References
dev2dev.bea.com/pub/advisory/248
docs.info.apple.com/article.html?artnum=307177
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450
lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
secunia.com/advisories/26314
secunia.com/advisories/26369
secunia.com/advisories/26631
secunia.com/advisories/26645
secunia.com/advisories/26933
secunia.com/advisories/27266
secunia.com/advisories/27635
secunia.com/advisories/28115
secunia.com/advisories/30805
slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841
sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
support.avaya.com/elmodocs2/security/ASA-2007-322.htm
www.gentoo.org/security/en/glsa/glsa-200709-15.xml
www.novell.com/linux/security/advisories/2007_56_ibmjava.html
www.redhat.com/support/errata/RHSA-2007-0818.html
www.redhat.com/support/errata/RHSA-2007-0829.html
www.redhat.com/support/errata/RHSA-2008-0133.html
www.securityfocus.com/bid/25054
www.securitytracker.com/id?1018428
www.vupen.com/english/advisories/2007/2573
www.vupen.com/english/advisories/2007/3009
www.vupen.com/english/advisories/2007/3861
www.vupen.com/english/advisories/2007/4224
exchange.xforce.ibmcloud.com/vulnerabilities/35491
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10387
Related
