Description
Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.
References (29)
Core 29
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0818.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26933
Vendor Advisory x_refsource_misc
http://docs.info.apple.com/article.html?artnum=307177
Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26314
Vendor Advisory vendor-advisory
x_refsource_bea
http://dev2dev.bea.com/pub/advisory/248
Vendor Advisory vendor-advisory
x_refsource_slackware
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30805
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018428
Vendor Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26369
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2573
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26645
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35491
Vendor Advisory vendor-advisory
x_refsource_hp
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/4224
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3861
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3009
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27266
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25054
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28115
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10387
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0829.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26631
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27635
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0133.html
Scores
EPSS
0.0505
EPSS Percentile
89.9%
Details
Status
published
Products (5)
sun/jdk
< 1.5.0
sun/jdk
< 1.6.0
sun/jre
< 1.5.0
sun/jre
< 1.6.0
sun/sdk
< 1.4.2_14
Published
Jul 21, 2007
Tracked Since
Feb 18, 2026