PT-2007-5142 · Oracle · Java Runtime Environment+1
Published
2007-07-20
·
Updated
2017-09-29
·
CVE-2007-3922
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Java Runtime Environment (JRE) versions 1.4.2 14 and earlier
Java Runtime Environment (JRE) versions 5.0 Update 11 and earlier
Java Runtime Environment (JRE) versions 6 through 6 Update 1
Description:
The issue allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet. This occurs due to an unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader.
Recommendations:
For Java Runtime Environment (JRE) versions 1.4.2 14 and earlier, update to a version later than 1.4.2 14.
For Java Runtime Environment (JRE) versions 5.0 Update 11 and earlier, update to a version later than 5.0 Update 11.
For Java Runtime Environment (JRE) versions 6 through 6 Update 1, update to a version later than 6 Update 1.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Java Platform
Java Runtime Environment