PT-2007-4944 · Sun+1 · Jre+4

Publicado

2007-07-11

Atualizado

2018-10-30

CVE-2007-3698

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Sun JDK and JRE 6 versions Update 1 and earlier Sun JDK and JRE 5.0 versions Updates 7 through 11 Sun SDK and JRE 1.4.2 versions 1.4.2 11 through 1.4.2 14

Description The Java Secure Socket Extension (JSSE) in Sun JDK and JRE, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.

Recommendations For Sun JDK and JRE 6 Update 1 and earlier, update to a version later than Update 1. For Sun JDK and JRE 5.0 Updates 7 through 11, update to a version later than Update 11. For Sun SDK and JRE 1.4.2 11 through 1.4.2 14, update to a version later than 1.4.2 14.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-3698

RHSA-2007:0818

RHSA-2007:0956

RHSA-2007:1086

RHSA-2008:0100

RHSA-2008:0132

Produtos afetados

Jdk

Jre

Jsse

Java Platform

Sdk

PT-2007-4944 · Sun+1 · Jre+4

CVE-2007-3698

Identificadores relacionados

Produtos afetados

Referências · 42