Summary
Detail | |||
---|---|---|---|
Vendor | Sun | First view | 2007-10-11 |
Product | Java Virtual Machine | Last view | 2007-10-11 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:sun:java_virtual_machine:*:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
2.6 | 2007-10-11 | CVE-2007-5375 | Interpretation conflict in the Sun Java Virtual Machine (JVM) allows user-assisted remote attackers to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "mayscript=true" Java applet through a local relative URI, which may be associated with different IP addresses by the browser and the JVM. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-20 | Improper Input Validation |
50% (1) | CWE-16 | Configuration |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
40930 | Sun Java Virtual Machine (JVM) Multi-pin DNS Rebinding Cross-context Javascri... |