Vulnerability Name:

CCN-12210

Published:2003-06-06
Updated:2003-06-06
Summary:An unspecified vulnerability in Sun Microsystems Java Runtime Environment (JRE), Software Development Kit (SDK), and Java Development Kit (JDK) could allow untrusted Java Applets to access restricted resources. A remote attacker could use this vulnerability to obtain information.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Consequences:Obtain Information
References:Source: CCN
Type: Sun Alert ID: 55101
An Untrusted Applet may Access Restricted Resources

Source: CCN
Type: BID-7850
Sun Microsystems JRE Untrusted Applet Access To Restricted Resources Vulnerability

Source: CCN
Type: BID-8204
HP Java Runtime Environment Unspecified Untrusted Applet Access Vulnerability

Source: XF
Type: UNKNOWN
sun-applet-resources-access(12210)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:sun:jre:1.2.2::linux_production:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.1.8:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.1.8:update7:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.1.8:update8:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.1.8:update14:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.2.2:update10:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update3:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update4:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update5:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update1a:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.2.2_010:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.0_05:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.0_02:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.2.2_010:*:*:*:*:*:*:*
  • AND
  • cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.23:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    sun jre 1.2.2
    sun jre 1.3.1
    sun jdk 1.1.8 update2
    sun jdk 1.1.8 update7
    sun jdk 1.1.8 update8
    sun jre 1.1.8 update14
    sun jre 1.2.2 update10
    sun jre 1.3.0
    sun jre 1.3.0 update1
    sun jre 1.3.0 update2
    sun jre 1.3.0 update3
    sun jre 1.3.0 update4
    sun jre 1.3.0 update5
    sun jre 1.3.1 update1
    sun jre 1.3.1 update1a
    sun sdk 1.2.2_010
    sun sdk 1.3.0
    sun sdk 1.3.1_01
    sun sdk 1.3.1_01a
    sun sdk 1.3.1_02
    sun jre 1.3.1 update2
    sun sdk 1.3.0_05
    sun sdk 1.3.0_02
    sun sdk 1.2.2_010
    hp hp-ux 11.00
    hp hp-ux 11.11
    hp hp-ux 11.22
    hp hp-ux 11.23