OVAL Reference oval:org.opensuse.security:def:20075274

Oval Definition:

oval:org.opensuse.security:def:20075274

Revision Date:	2022-05-20	Version:	1
Title:	CVE-2007-5274
Description:	Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273. NOTE: this is similar to CVE-2007-5232.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2007-5274 Mitre CVE-2007-5274 SUSE CVE-2007-5274 SUSE-SA:2007:055 SUSE-SA:2007:055 SUSE-SA:2008:025 SUSE-SA:2008:025
Platform(s):	Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server openSUSE 10.3 SUSE LINUX 10.0 SUSE LINUX 10.1 SuSE Linux Desktop 1.0 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2	Product(s):
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information java-1_4_2-ibm-1.4.2_sr13.10-0.4.1 is installed OR java-1_4_2-ibm-jdbc-1.4.2_sr13.10-0.4.1 is installed OR java-1_4_2-ibm-plugin-1.4.2_sr13.10-0.4.1 is installed
Definition Synopsis
Release Information suse100 is installed java-1_5_0-sun-alsa less than 1.5.0_13-0.1 OR java-1_5_0-sun-demo less than 1.5.0_13-0.1 OR java-1_5_0-sun-devel less than 1.5.0_13-0.1 OR java-1_5_0-sun-jdbc less than 1.5.0_13-0.1 OR java-1_5_0-sun-plugin less than 1.5.0_13-0.1 OR java-1_5_0-sun less than 1.5.0_13-0.1 OR suse101 is installed java-1_5_0-sun-alsa less than 1.5.0_13-0.1 OR java-1_5_0-sun-demo less than 1.5.0_13-0.1 OR java-1_5_0-sun-devel less than 1.5.0_13-0.1 OR java-1_5_0-sun-jdbc less than 1.5.0_13-0.1 OR java-1_5_0-sun-plugin less than 1.5.0_13-0.1 OR java-1_5_0-sun-src less than 1.5.0_13-0.1 OR java-1_5_0-sun less than 1.5.0_13-0.1 OR Package Information sles9-oes is installed AND IBMJava2-JRE less than 1.4.2-0.112 OR IBMJava2-SDK less than 1.4.2-0.112 OR Package Information sles9-oes is installed AND IBMJava5-JRE less than 1.5.0-0.22 OR IBMJava5-SDK less than 1.5.0-0.22 OR Package Information sles9-oes is installed AND IBMJava5-JRE less than 1.5.0-0.15 OR IBMJava5-SDK less than 1.5.0-0.15 OR Package Information sles8-slec is installed java2-jre less than 1.4.2-155 OR java2 less than 1.4.2-155 OR sles9-nld is installed java2-jre less than 1.4.2-129.32 OR java2 less than 1.4.2-129.32 OR Package Information suse100 is installed java-1_4_2-sun-alsa less than 1.4.2.16-0.1 OR java-1_4_2-sun-demo less than 1.4.2.16-0.1 OR java-1_4_2-sun-devel less than 1.4.2.16-0.1 OR java-1_4_2-sun-jdbc less than 1.4.2.16-0.1 OR java-1_4_2-sun-plugin less than 1.4.2.16-0.1 OR java-1_4_2-sun-src less than 1.4.2.16-0.1 OR java-1_4_2-sun less than 1.4.2.16-0.1 OR suse101 is installed java-1_4_2-sun-alsa less than 1.4.2.16-0.2 OR java-1_4_2-sun-demo less than 1.4.2.16-0.2 OR java-1_4_2-sun-devel less than 1.4.2.16-0.2 OR java-1_4_2-sun-jdbc less than 1.4.2.16-0.2 OR java-1_4_2-sun-plugin less than 1.4.2.16-0.2 OR java-1_4_2-sun-src less than 1.4.2.16-0.2 OR java-1_4_2-sun less than 1.4.2.16-0.2
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1 is installed AND java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 is installed OR java-1_4_2-ibm-jdbc-1.4.2_sr13.3-1.1.1 is installed OR java-1_4_2-ibm-plugin-1.4.2_sr13.3-1.1.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND java-1_4_2-ibm-1.4.2_sr13.10-0.4.1 is installed OR java-1_4_2-ibm-jdbc-1.4.2_sr13.10-0.4.1 is installed OR java-1_4_2-ibm-plugin-1.4.2_sr13.10-0.4.1 is installed

BACK