Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:sun:jdk:1.3.1:update2:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-5689 |
The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves. Published: October 29, 2007; 3:46:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2007-5274 |
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273. NOTE: this is similar to CVE-2007-5232. Published: October 08, 2007; 7:17:00 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2007-5237 |
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka "two vulnerabilities." Published: October 05, 2007; 8:17:00 PM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |