CVE-2007-5375

Name of the Vulnerable Software and Affected Versions: Sun Java Virtual Machine (JVM) (affected versions not specified)

Description: The issue is related to an interpretation conflict in the Sun Java Virtual Machine (JVM) that allows remote attackers to conduct a multi-pin DNS rebinding attack. This can lead to the execution of arbitrary JavaScript in an intranet context. The attack is possible when an intranet web server hosts an HTML document referencing a Java applet with "mayscript=true" through a local relative URI. The browser and the JVM may associate this URI with different IP addresses.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.