CVE-2007-5274

Properties

Published:
07.10.2007
Updated:
26.10.2007
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:N/AC:H/Au:N/C:N/I:P/A:N)
    Product:
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: JDK
    Sun: SDK
    Sun: SDK
    Sun: SDK
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE
    Sun: JRE

    Vulnerability description

    Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273.  NOTE: this is similar to CVE-2007-5232, but affects different product versions.

    References:

    http://crypto.stanford.edu/dns/dns-rebinding.pdf: http://crypto.stanford.edu/dns/dns-rebinding.pdf
    SUNALERT: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1
    SECTRACK: http://securitytracker.com/id?1018771