Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and previous versions, JDK and JRE 5.0 Update 12 and previous versions, SDK and JRE 1.4.2_15 and previous versions, and SDK and JRE 1.3.1_20 and previous versions, when an HTTP proxy server is used, allows remote malicious users to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun jdk 1.5.0 |
||
sun jdk 1.6.0 |
||
sun jre 1.3.0 |
||
sun jre 1.3.1 |
||
sun jre 1.4 |
||
sun jre 1.4.2_1 |
||
sun jre 1.4.2_10 |
||
sun jre 1.4.2_9 |
||
sun jre 1.5.0 |
||
sun sdk 1.3.1_01a |
||
sun sdk 1.3.1_16 |
||
sun sdk 1.4.2_10 |
||
sun sdk 1.4.2_11 |
||
sun jre 1.4.2_11 |
||
sun jre 1.4.2_12 |
||
sun jre 1.4.2_13 |
||
sun sdk 1.3.1_18 |
||
sun sdk 1.3.1_19 |
||
sun sdk 1.3.1_20 |
||
sun sdk 1.4.2_12 |
||
sun sdk 1.4.2_13 |
||
sun jre 1.4.2_14 |
||
sun jre 1.4.2_15 |
||
sun jre 1.6.0 |
||
sun sdk 1.4.2 |
||
sun sdk 1.4.2_03 |
||
sun sdk 1.4.2_14 |
||
sun sdk 1.4.2_15 |
||
sun jre 1.4.1 |
||
sun jre 1.4.2 |
||
sun jre 1.4.2_3 |
||
sun jre 1.4.2_8 |
||
sun sdk 1.3.1_01 |
||
sun sdk 1.4.2_08 |
||
sun sdk 1.4.2_09 |