Oval Definition:oval:org.mitre.oval:def:22301
Revision Date:2014-05-26Version:44
Title:ELSA-2008:0100: java-1.4.2-bea security update (Moderate)
Description:Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-2788
CVE-2007-2789
CVE-2007-3698
CVE-2007-4381
CVE-2007-5232
CVE-2007-5239
CVE-2007-5240
CVE-2007-5273
ELSA-2008:0100-01
Platform(s):Oracle Linux 5
Product(s):java-1.4.2-bea
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • java-1.4.2-bea-devel is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-bea is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-bea-src is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-bea-missioncontrol is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-bea-jdbc is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-bea-demo is earlier than 0:1.4.2.16-1jpp.1.el5
    • BACK