CVE - CVE-2007-3922

CVE-ID
CVE-2007-3922	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:http://docs.info.apple.com/article.html?artnum=307177 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm APPLE:APPLE-SA-2007-12-14 URL:http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html BEA:BEA07-177.00 URL:http://dev2dev.bea.com/pub/advisory/248 GENTOO:GLSA-200709-15 URL:http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml HP:HPSBMA02288 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450 HP:SSRT071465 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450 REDHAT:RHSA-2007:0818 URL:http://www.redhat.com/support/errata/RHSA-2007-0818.html REDHAT:RHSA-2007:0829 URL:http://www.redhat.com/support/errata/RHSA-2007-0829.html REDHAT:RHSA-2008:0133 URL:http://www.redhat.com/support/errata/RHSA-2008-0133.html SLACKWARE:SSA:2007-243-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841 SUNALERT:102995 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 SUSE:SUSE-SA:2007:056 URL:http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html BID:25054 URL:http://www.securityfocus.com/bid/25054 OVAL:oval:org.mitre.oval:def:10387 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10387 VUPEN:ADV-2007-2573 URL:http://www.vupen.com/english/advisories/2007/2573 VUPEN:ADV-2007-3009 URL:http://www.vupen.com/english/advisories/2007/3009 VUPEN:ADV-2007-3861 URL:http://www.vupen.com/english/advisories/2007/3861 VUPEN:ADV-2007-4224 URL:http://www.vupen.com/english/advisories/2007/4224 SECTRACK:1018428 URL:http://www.securitytracker.com/id?1018428 SECUNIA:26314 URL:http://secunia.com/advisories/26314 SECUNIA:26369 URL:http://secunia.com/advisories/26369 SECUNIA:26631 URL:http://secunia.com/advisories/26631 SECUNIA:26933 URL:http://secunia.com/advisories/26933 SECUNIA:27266 URL:http://secunia.com/advisories/27266 SECUNIA:26645 URL:http://secunia.com/advisories/26645 SECUNIA:27635 URL:http://secunia.com/advisories/27635 SECUNIA:28115 URL:http://secunia.com/advisories/28115 SECUNIA:30805 URL:http://secunia.com/advisories/30805 XF:sun-java-class-unauthorized-access(35491) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/35491
Assigning CNA
N/A
Date Entry Created
20070720	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070720)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org