PT-2007-6353 · Hewlett Packard+2 · Jdk14.Jdk14-Com+54
Published
2007-10-08
·
Updated
2018-10-30
·
CVE-2007-5273
CVSS v2.0
2.6
Low
| Vector | AV:N/AC:H/Au:N/C:N/I:P/A:N |
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2 15 and earlier, and SDK and JRE 1.3.1 20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jdk14.Jdk14-Com
Jdk14.Jdk14-Demo
Jdk14.Jdk14-Ipf32
Jdk14.Jdk14-Ipf64
Jdk14.Jdk14-Pa11
Jdk14.Jdk14-Pa20
Jdk14.Jdk14-Pa20W
Jdk14.Jdk14-Pnv2
Jdk14.Jdk14-Pwv2
Jdk15.Jdk15-Com
Jdk15.Jdk15-Demo
Jdk15.Jdk15-Ipf32
Jdk15.Jdk15-Ipf64
Jdk15.Jdk15-Pa20
Jdk15.Jdk15-Pa20W
Jdk15.Jdk15-Pnv2
Jdk15.Jdk15-Pwv2
Jpi14.Jpi14-Com
Jpi14.Jpi14-Com-Doc
Jpi14.Jpi14-Ipf32
Jpi14.Jpi14-Pa11
Jre14.Jre14-Com
Jre14.Jre14-Com-Doc
Jre14.Jre14-Ipf32
Jre14.Jre14-Ipf32-Hs
Jre14.Jre14-Ipf64
Jre14.Jre14-Ipf64-Hs
Jre14.Jre14-Pa11
Jre14.Jre14-Pa11-Hs
Jre14.Jre14-Pa20
Jre14.Jre14-Pa20-Hs
Jre14.Jre14-Pa20W
Jre14.Jre14-Pa20W-Hs
Jre14.Jre14-Pnv2
Jre14.Jre14-Pnv2-H
Jre14.Jre14-Pwv2
Jre14.Jre14-Pwv2-H
Jre15.Jre15-Com
Jre15.Jre15-Com-Doc
Jre15.Jre15-Ipf32
Jre15.Jre15-Ipf32-Hs
Jre15.Jre15-Ipf64
Jre15.Jre15-Ipf64-Hs
Jre15.Jre15-Pa20
Jre15.Jre15-Pa20-Hs
Jre15.Jre15-Pa20W
Jre15.Jre15-Pa20W-Hs
Jre15.Jre15-Pnv2
Jre15.Jre15-Pnv2-H
Jre15.Jre15-Pwv2
Jre15.Jre15-Pwv2-H
Openjdk
Jdk
Jre
Sdk