Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 11/10/2007 Updated: 15/11/2008

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 231

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Interpretation conflict in the Sun Java Virtual Machine (JVM) allows user-assisted remote malicious users to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "mayscript=true" Java applet through a local relative URI, which may be associated with different IP addresses by the browser and the JVM.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun java virtual machine

CWE-16 CWE-20 http://crypto.stanford.edu/dns/dns-rebinding.pdf http://osvdb.org/40930 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-5375

Vulnerability Summary

References

Vulmon Search

About

Products

Connect