FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumvented

Affected packages
1.3.0 <= jdk <
1.5.0,1 <= jdk <,1
1.3.0 <= linux-blackdown-jdk
1.3.0 <= linux-sun-jdk <
1.4.0 <= linux-sun-jdk <
linux-sun-jdk = 1.5.0.b1
linux-sun-jdk = 1.5.0.b1,1
1.5.0,2 <= linux-sun-jdk <,2
1.6.0 <= linux-sun-jdk <


VuXML ID c93e4d41-75c5-11dc-b903-0016179b2dd5
Discovery 2007-10-03
Entry 2007-10-08
Modified 2007-11-16

SUN reports:

A vulnerability in the Java Runtime Environment (JRE) with applet caching may allow an untrusted applet that is downloaded from a malicious website to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited.


CVE Name CVE-2007-5232