|Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and
earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15
and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy
server is used, allows remote attackers to violate the security model
for an applet's outbound connections via a multi-pin DNS rebinding
attack in which the applet download relies on DNS resolution on the
proxy server, but the applet's socket operations rely on DNS
resolution on the local machine, a different issue than CVE-2007-5274.
NOTE: this is similar to CVE-2007-5232.