CVE-2007-3922 Information

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier 6 through 6 Update 1 and SDK and JRE 1.4.2_14 and earlier allows remote attackers to violate the security model for an applet’s outbound connections by connecting to certain localhost services running on the machine that loaded the applet.

Reference

http://dev2dev.bea.com/pub/advisory/248 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://secunia.com/advisories/26314 http://secunia.com/advisories/26369 http://secunia.com/advisories/26631 http://secunia.com/advisories/26645 http://secunia.com/advisories/26933 http://secunia.com/advisories/27266 http://secunia.com/advisories/27635 http://secunia.com/advisories/28115 http://secunia.com/advisories/30805 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html http://www.redhat.com/support/errata/RHSA-2007-0818.html http://www.redhat.com/support/errata/RHSA-2007-0829.html http://www.redhat.com/support/errata/RHSA-2008-0133.html http://www.securityfocus.com/bid/25054 http://www.securitytracker.com/id?1018428 http://www.vupen.com/english/advisories/2007/2573 http://www.vupen.com/english/advisories/2007/3009 http://www.vupen.com/english/advisories/2007/3861 http://www.vupen.com/english/advisories/2007/4224 https://exchange.xforce.ibmcloud.com/vulnerabilities/35491 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10387