CVE-2007-3922

Name of the Vulnerable Software and Affected Versions: Java Runtime Environment (JRE) versions 1.4.2 14 and earlier Java Runtime Environment (JRE) versions 5.0 Update 11 and earlier Java Runtime Environment (JRE) versions 6 through 6 Update 1

Description: The issue allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet. This occurs due to an unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader.

Recommendations: For Java Runtime Environment (JRE) versions 1.4.2 14 and earlier, update to a version later than 1.4.2 14. For Java Runtime Environment (JRE) versions 5.0 Update 11 and earlier, update to a version later than 5.0 Update 11. For Java Runtime Environment (JRE) versions 6 through 6 Update 1, update to a version later than 6 Update 1.