Vulnerability Note VU#336105
Sun Java JRE vulnerable to unauthorized network access
The Sun Java Runtime Environment (JRE) contains a vulnerability that may allow unintended access to network resources.
Per Sunsolve Document ID 103079:
The following java products are affected by this vulnerability:
JDK and JRE 6 Update 2 and earlier
JDK and JRE 5.0 Update 12 and earlier
SDK and JRE 1.4.2_15 and earlier
SDK and JRE 1.3.1_20 and earlier
An attacker may be able to run a Java applet on a vulnerable system to gain access to network connections to resources not otherwise accessible and expose vulnerabilitites within those network resources.
Disabling the Java browser plugin may prevent a malicious webpage from exploiting this vulnerability. See the Securing Your Web Browser for instructions on how to disable Java in your browser.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Sun Microsystems, Inc.||Affected||-||05 Oct 2007|
CVSS Metrics (Learn More)
This document was written by Joseph Pruszynski.
- CVE IDs: Unknown
- Date Public: 04 Oct 2007
- Date First Published: 05 Oct 2007
- Date Last Updated: 12 Oct 2007
- Severity Metric: 11.47
- Document Revision: 12
If you have feedback, comments, or additional information about this vulnerability, please send us email.