CVE - CVE-2007-3922

CVE-ID
CVE-2007-3922	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2007-12-14 URL:http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html BEA:BEA07-177.00 URL:~~http://dev2dev.bea.com/pub/advisory/248~~ (Obsolete source - check if archived by the Wayback Machine) BID:25054 URL:http://www.securityfocus.com/bid/25054 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm GENTOO:GLSA-200709-15 URL:http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml HP:HPSBMA02288 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450 HP:SSRT071465 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450 MISC:http://docs.info.apple.com/article.html?artnum=307177 OVAL:oval:org.mitre.oval:def:10387 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10387 REDHAT:RHSA-2007:0818 URL:http://www.redhat.com/support/errata/RHSA-2007-0818.html REDHAT:RHSA-2007:0829 URL:http://www.redhat.com/support/errata/RHSA-2007-0829.html REDHAT:RHSA-2008:0133 URL:http://www.redhat.com/support/errata/RHSA-2008-0133.html SECTRACK:1018428 URL:http://www.securitytracker.com/id?1018428 SECUNIA:26314 URL:http://secunia.com/advisories/26314 SECUNIA:26369 URL:http://secunia.com/advisories/26369 SECUNIA:26631 URL:http://secunia.com/advisories/26631 SECUNIA:26645 URL:http://secunia.com/advisories/26645 SECUNIA:26933 URL:http://secunia.com/advisories/26933 SECUNIA:27266 URL:http://secunia.com/advisories/27266 SECUNIA:27635 URL:http://secunia.com/advisories/27635 SECUNIA:28115 URL:http://secunia.com/advisories/28115 SECUNIA:30805 URL:http://secunia.com/advisories/30805 SLACKWARE:SSA:2007-243-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841 SUNALERT:102995 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1~~ (Obsolete source) SUSE:SUSE-SA:2007:056 URL:http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html VUPEN:ADV-2007-2573 URL:~~http://www.vupen.com/english/advisories/2007/2573~~ (Obsolete source) VUPEN:ADV-2007-3009 URL:~~http://www.vupen.com/english/advisories/2007/3009~~ (Obsolete source) VUPEN:ADV-2007-3861 URL:~~http://www.vupen.com/english/advisories/2007/3861~~ (Obsolete source) VUPEN:ADV-2007-4224 URL:~~http://www.vupen.com/english/advisories/2007/4224~~ (Obsolete source) XF:sun-java-class-unauthorized-access(35491) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/35491
Assigning CNA
MITRE Corporation
Date Record Created
20070720	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070720)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)