oval:org.mitre.oval:def:10908

Definition Id: oval:org.mitre.oval:def:10908

Oval ID:	oval:org.mitre.oval:def:10908
Title:	Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273. NOTE: this is similar to CVE-2007-5232.
Description:	Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273. NOTE: this is similar to CVE-2007-5232.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-5274	Version:	3
Platform(s):	Red Hat Enterprise Linux Extras 3 Red Hat Enterprise Linux Extras 4 Red Hat Enterprise Linux Extras 5	Product(s):
Definition Synopsis:
IF redhat-release is version 3 AND java-1.4.2-ibm-plugin is earlier than 0:1.4.2.10-1jpp.2.el3 AND java-1.4.2-ibm-jdbc is earlier than 0:1.4.2.10-1jpp.2.el3 AND java-1.4.2-ibm-devel is earlier than 0:1.4.2.10-1jpp.2.el3 AND java-1.4.2-ibm is earlier than 0:1.4.2.10-1jpp.2.el3 AND java-1.4.2-ibm-src is earlier than 0:1.4.2.10-1jpp.2.el3 AND java-1.4.2-ibm-demo is earlier than 0:1.4.2.10-1jpp.2.el3 OR redhat-release is version 4 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.6-1jpp.2.el4 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.6-1jpp.2.el4 AND java-1.5.0-sun-plugin is earlier than 0:1.5.0.13-1jpp.1.el4 AND java-1.4.2-ibm-devel is earlier than 0:1.4.2.10-1jpp.2.el4 AND java-1.5.0-sun is earlier than 0:1.5.0.13-1jpp.1.el4 AND java-1.4.2-ibm-src is earlier than 0:1.4.2.10-1jpp.2.el4 AND java-1.4.2-ibm-plugin is earlier than 0:1.4.2.10-1jpp.2.el4 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.6-1jpp.2.el4 AND java-1.4.2-ibm-demo is earlier than 0:1.4.2.10-1jpp.2.el4 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.6-1jpp.2.el4 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.6-1jpp.2.el4 AND java-1.4.2-ibm is earlier than 0:1.4.2.10-1jpp.2.el4 AND java-1.4.2-ibm-javacomm is earlier than 0:1.4.2.10-1jpp.2.el4 AND java-1.5.0-ibm is earlier than 1:1.5.0.6-1jpp.2.el4 AND java-1.5.0-sun-demo is earlier than 0:1.5.0.13-1jpp.1.el4 AND java-1.5.0-sun-jdbc is earlier than 0:1.5.0.13-1jpp.1.el4 AND java-1.5.0-sun-src is earlier than 0:1.5.0.13-1jpp.1.el4 AND java-1.4.2-ibm-jdbc is earlier than 0:1.4.2.10-1jpp.2.el4 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.6-1jpp.2.el4 AND java-1.5.0-sun-devel is earlier than 0:1.5.0.13-1jpp.1.el4 OR redhat-release is version 5 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.6-1jpp.1.el5 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.6-1jpp.1.el5 AND java-1.5.0-sun-plugin is earlier than 0:1.5.0.13-1jpp.1.el5 AND java-1.4.2-ibm-devel is earlier than 0:1.4.2.10-1jpp.2.el5 AND java-1.5.0-sun is earlier than 0:1.5.0.13-1jpp.1.el5 AND java-1.4.2-ibm-src is earlier than 0:1.4.2.10-1jpp.2.el5 AND java-1.4.2-ibm-plugin is earlier than 0:1.4.2.10-1jpp.2.el5 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.6-1jpp.1.el5 AND java-1.4.2-ibm-demo is earlier than 0:1.4.2.10-1jpp.2.el5 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.6-1jpp.1.el5 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.6-1jpp.1.el5 AND java-1.4.2-ibm is earlier than 0:1.4.2.10-1jpp.2.el5 AND java-1.4.2-ibm-javacomm is earlier than 0:1.4.2.10-1jpp.2.el5 AND java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.6-1jpp.1.el5 AND java-1.5.0-ibm is earlier than 1:1.5.0.6-1jpp.1.el5 AND java-1.5.0-sun-demo is earlier than 0:1.5.0.13-1jpp.1.el5 AND java-1.5.0-sun-jdbc is earlier than 0:1.5.0.13-1jpp.1.el5 AND java-1.5.0-sun-src is earlier than 0:1.5.0.13-1jpp.1.el5 AND java-1.4.2-ibm-jdbc is earlier than 0:1.4.2.10-1jpp.2.el5 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.6-1jpp.1.el5 AND java-1.5.0-sun-devel is earlier than 0:1.5.0.13-1jpp.1.el5

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0340s

Facebook rss twitter linkedin mail