NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2007-3922

Summary	Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.
Publication Date	July 21, 2007, 9:30 a.m.
Registration Date	Jan. 29, 2021, 2:17 p.m.
Last Update	Sept. 29, 2017, 10:29 a.m.

CVSS2.0 : MEDIUM
Score	6.8
Vector	AV:N/AC:M/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	はい
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:sun:jdk::update9::::::*			1.5.0
cpe:2.3:a:sun:jdk::update1::::::*			1.6.0
cpe:2.3:a:sun:jre::update11::::::*			1.5.0
cpe:2.3:a:sun:jre::update1::::::*			1.6.0
cpe:2.3:a:sun:sdk::::::::			1.4.2_14

Related information, measures and tools

No	URL	refsource	タグ
1	http://dev2dev.bea.com/pub/advisory/248	BEA
2	http://docs.info.apple.com/article.html?artnum=307177	MISC
3	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450	HP
4	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html	APPLE
5	http://secunia.com/advisories/26314	SECUNIA
6	http://secunia.com/advisories/26369	SECUNIA
7	http://secunia.com/advisories/26631	SECUNIA
8	http://secunia.com/advisories/26645	SECUNIA
9	http://secunia.com/advisories/26933	SECUNIA
10	http://secunia.com/advisories/27266	SECUNIA
11	http://secunia.com/advisories/27635	SECUNIA
12	http://secunia.com/advisories/28115	SECUNIA
13	http://secunia.com/advisories/30805	SECUNIA
14	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841	SLACKWARE
15	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1	SUNALERT
16	http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm	CONFIRM
17	http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml	GENTOO
18	http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html	SUSE
19	http://www.redhat.com/support/errata/RHSA-2007-0818.html	REDHAT
20	http://www.redhat.com/support/errata/RHSA-2007-0829.html	REDHAT
21	http://www.redhat.com/support/errata/RHSA-2008-0133.html	REDHAT
22	http://www.securityfocus.com/bid/25054	BID
23	http://www.securitytracker.com/id?1018428	SECTRACK
24	http://www.vupen.com/english/advisories/2007/2573	VUPEN
25	http://www.vupen.com/english/advisories/2007/3009	VUPEN
26	http://www.vupen.com/english/advisories/2007/3861	VUPEN
27	http://www.vupen.com/english/advisories/2007/4224	VUPEN
28	https://exchange.xforce.ibmcloud.com/vulnerabilities/35491	XF
29	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10387	OVAL

Common Vulnerabilities List