CVE-2007-3922

critical

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10387

https://exchange.xforce.ibmcloud.com/vulnerabilities/35491

http://www.vupen.com/english/advisories/2007/4224

http://www.vupen.com/english/advisories/2007/3861

http://www.vupen.com/english/advisories/2007/3009

http://www.vupen.com/english/advisories/2007/2573

http://www.securitytracker.com/id?1018428

http://www.securityfocus.com/bid/25054

http://www.redhat.com/support/errata/RHSA-2008-0133.html

http://www.redhat.com/support/errata/RHSA-2007-0829.html

http://www.redhat.com/support/errata/RHSA-2007-0818.html

http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html

http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml

http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841

http://secunia.com/advisories/30805

http://secunia.com/advisories/28115

http://secunia.com/advisories/27635

http://secunia.com/advisories/27266

http://secunia.com/advisories/26933

http://secunia.com/advisories/26645

http://secunia.com/advisories/26631

http://secunia.com/advisories/26369

http://secunia.com/advisories/26314

http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450

http://docs.info.apple.com/article.html?artnum=307177

http://dev2dev.bea.com/pub/advisory/248

Details

Source: Mitre, NVD

Published: 2007-07-21

Updated: 2017-09-29

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical