Vulnerability Name:

CCN-12211

Published:2003-06-06
Updated:2003-06-06
Summary:An unspecified vulnerability in Sun Microsystems Java Runtime Environment (JRE), Software Development Kit (SDK), and Java Development Kit (JDK) could allow untrusted Java Applets to access the properties of a HTTP request. A remote attacker could use this vulnerability to obtain information.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Consequences:Obtain Information
References:Source: CCN
Type: Sun Alert ID: 55101
An Untrusted Applet may Access Restricted Resources

Source: CCN
Type: BID-7851
Sun Microsystems JRE HTTP Property Access Vulnerability

Source: XF
Type: UNKNOWN
sun-applet-properties-access(12211)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:sun:jre:1.2.2::linux_production:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.1.8:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.1.8:update7:*:*:*:*:*:*
  • OR cpe:/a:sun:jdk:1.1.8:update8:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.1.8:update14:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.2.2:update10:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:-:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update3:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update4:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.0:update5:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update1:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update1a:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.2.2_010:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
  • OR cpe:/a:sun:jre:1.3.1:update2:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.0_05:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.3.0_02:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sdk:1.2.2_010:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    sun jre 1.2.2
    sun jre 1.3.1
    sun jdk 1.1.8 update2
    sun jdk 1.1.8 update7
    sun jdk 1.1.8 update8
    sun jre 1.1.8 update14
    sun jre 1.2.2 update10
    sun jre 1.3.0
    sun jre 1.3.0 update1
    sun jre 1.3.0 update2
    sun jre 1.3.0 update3
    sun jre 1.3.0 update4
    sun jre 1.3.0 update5
    sun jre 1.3.1 update1
    sun jre 1.3.1 update1a
    sun sdk 1.2.2_010
    sun sdk 1.3.0
    sun sdk 1.3.1_01
    sun sdk 1.3.1_01a
    sun sdk 1.3.1_02
    sun jre 1.3.1 update2
    sun sdk 1.3.0_05
    sun sdk 1.3.0_02
    sun sdk 1.2.2_010