NA
CVSSv3

CVE-2007-3698

CVSSv4: NA | CVSSv3: NA | CVSSv2: 7.8 | VMScore: 880 | EPSS: 0.24162 | KEV: Not Included
Published: 11/07/2007 Updated: 21/11/2024

Vulnerability Summary

The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and previous versions, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 up to and including 1.4.2_14, when using JSSE for SSL/TLS support, allows remote malicious users to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.

Vulnerable Product Search on Vulmon Subscribe to Product

sun jdk 1.5.0

sun jdk 1.6.0

sun jre 1.4.2 11

sun jre 1.4.2 12

sun jre 1.4.2 13

sun jre 1.4.2 14

sun jre 1.5.0

sun jre 1.6.0

sun sdk 1.4.2 11

sun sdk 1.4.2 12

sun sdk 1.4.2 13

sun sdk 1.4.2 14

References

NVD-CWE-Otherhttps://nvd.nist.govhttps://www.first.org/epsshttp://dev2dev.bea.com/pub/advisory/249http://docs.info.apple.com/article.html?artnum=307177http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.htmlhttp://osvdb.org/36663http://secunia.com/advisories/26015http://secunia.com/advisories/26221http://secunia.com/advisories/26314http://secunia.com/advisories/26631http://secunia.com/advisories/26645http://secunia.com/advisories/26933http://secunia.com/advisories/27203http://secunia.com/advisories/27635http://secunia.com/advisories/27716http://secunia.com/advisories/28056http://secunia.com/advisories/28115http://secunia.com/advisories/28777http://secunia.com/advisories/28880http://secunia.com/advisories/29340http://secunia.com/advisories/29897http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.htmlhttp://www.cisco.com/en/US/products/products_security_response09186a008088bd19.htmlhttp://www.cisco.com/warp/public/707/cisco-sr-20070725-jsse.shtmlhttp://www.gentoo.org/security/en/glsa/glsa-200709-15.xmlhttp://www.redhat.com/support/errata/RHSA-2007-0818.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0956.htmlhttp://www.redhat.com/support/errata/RHSA-2007-1086.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0100.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0132.htmlhttp://www.securityfocus.com/bid/24846http://www.securitytracker.com/id?1018357http://www.vupen.com/english/advisories/2007/2495http://www.vupen.com/english/advisories/2007/2660http://www.vupen.com/english/advisories/2007/3009http://www.vupen.com/english/advisories/2007/3861http://www.vupen.com/english/advisories/2007/4224https://exchange.xforce.ibmcloud.com/vulnerabilities/35333https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10634http://dev2dev.bea.com/pub/advisory/249http://docs.info.apple.com/article.html?artnum=307177http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.htmlhttp://osvdb.org/36663http://secunia.com/advisories/26015http://secunia.com/advisories/26221http://secunia.com/advisories/26314http://secunia.com/advisories/26631http://secunia.com/advisories/26645http://secunia.com/advisories/26933http://secunia.com/advisories/27203http://secunia.com/advisories/27635http://secunia.com/advisories/27716http://secunia.com/advisories/28056http://secunia.com/advisories/28115http://secunia.com/advisories/28777http://secunia.com/advisories/28880http://secunia.com/advisories/29340http://secunia.com/advisories/29897http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.htmlhttp://www.cisco.com/en/US/products/products_security_response09186a008088bd19.htmlhttp://www.cisco.com/warp/public/707/cisco-sr-20070725-jsse.shtmlhttp://www.gentoo.org/security/en/glsa/glsa-200709-15.xmlhttp://www.redhat.com/support/errata/RHSA-2007-0818.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0956.htmlhttp://www.redhat.com/support/errata/RHSA-2007-1086.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0100.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0132.htmlhttp://www.securityfocus.com/bid/24846http://www.securitytracker.com/id?1018357http://www.vupen.com/english/advisories/2007/2495http://www.vupen.com/english/advisories/2007/2660http://www.vupen.com/english/advisories/2007/3009http://www.vupen.com/english/advisories/2007/3861http://www.vupen.com/english/advisories/2007/4224https://exchange.xforce.ibmcloud.com/vulnerabilities/35333https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10634