Vulnerability CVE-2007-3922 - CERT Civis.Net

Vulnerability Name:

CVE-2007-3922 (CCN-35491)

Assigned:

2007-07-18

Published:

2007-07-18

Updated:

2017-09-29

Summary:

Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.

CVSS v3 Severity:

4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: CCN
Type: BugTraq Mailing List, Mon Oct 29 2007 - 16:20:22 CDT
Untrusted Java applet can connect to localhost

Source: CCN
Type: BugTraq Mailing List, Wed Nov 14 2007 - 10:33:29 CST
[security bulletin] HPSBMA02288 SSRT071465 rev.1 - HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS)

Source: MITRE
Type: CNA
CVE-2007-3922

Source: BEA
Type: UNKNOWN
BEA07-177.00

Source: CCN
Type: Apple Web site
About the security content of Java Release 6 for Mac OS X 10.4

Source: MISC
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=307177

Source: CCN
Type: HP Security Bulletin HPSBMA02384 SSRT071465 rev.1
HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access, Denial of Service (DoS)

Source: HP
Type: UNKNOWN
SSRT071465

Source: APPLE
Type: UNKNOWN
APPLE-SA-2007-12-14

Source: CCN
Type: RHSA-2007-0818
Critical: java-1.5.0-sun security update

Source: CCN
Type: RHSA-2007-0829
Critical: java-1.5.0-ibm security update

Source: CCN
Type: RHSA-2008-0133
Moderate: IBMJava2 security update

Source: SECUNIA
Type: UNKNOWN
26314

Source: SECUNIA
Type: UNKNOWN
26369

Source: CCN
Type: SA26631
BEA JRockit Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
26631

Source: SECUNIA
Type: UNKNOWN
26645

Source: SECUNIA
Type: UNKNOWN
26933

Source: SECUNIA
Type: UNKNOWN
27266

Source: CCN
Type: SA27635
HP OpenView Operations Java JRE/JDK JSSE DoS and Security Bypass

Source: SECUNIA
Type: UNKNOWN
27635

Source: CCN
Type: SA28115
Mac OS X Java Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
28115

Source: SECUNIA
Type: UNKNOWN
30805

Source: CCN
Type: SA34045
HP OpenView Network Node Manager DoS and Security Bypass

Source: CCN
Type: SECTRACK ID: 1018428
Java Runtime Environment Applet Class Loader Bug Lets Remote Users Connect to Localhost Sockets

Source: SLACKWARE
Type: UNKNOWN
SSA:2007-243-01

Source: CCN
Type: Sun Alert ID: 102995
A Security Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions

Source: SUNALERT
Type: UNKNOWN
102995

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm

Source: CCN
Type: ASA-2007-322
A Security Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions (Sun 102995)

Source: CCN
Type: ASA-2007-336
java-1.5.0-sun security update (RHSA-2007-0818)

Source: CCN
Type: ASA-2007-343
java-1.5.0-ibm security update (RHSA-2007-0829)

Source: CCN
Type: ASA-2008-271
IBMJava2 security update (RHSA-2008-0133)

Source: CCN
Type: GLSA-200709-15
BEA JRockit: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200709-15

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:056

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0818

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0829

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0133

Source: BID
Type: UNKNOWN
25054

Source: CCN
Type: BID-25054
Sun Java Runtime Environment Network Access Restriction Security Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018428

Source: VUPEN
Type: UNKNOWN
ADV-2007-2573

Source: VUPEN
Type: UNKNOWN
ADV-2007-3009

Source: VUPEN
Type: UNKNOWN
ADV-2007-3861

Source: VUPEN
Type: UNKNOWN
ADV-2007-4224

Source: XF
Type: UNKNOWN
sun-java-class-unauthorized-access(35491)

Source: XF
Type: UNKNOWN
sun-java-class-unauthorized-access(35491)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10387

Source: CCN
Type: BEA07-177.00
Multiple Security Vulnerabilities in the Java Runtime Environment

Source: SUSE
Type: SUSE-SA:2007:056
IBM Java Security problems

Vulnerable Configuration:

Configuration 1:

cpe:/a:sun:jdk:*:update9:*:*:*:*:*:* (Version <= 1.5.0)

OR cpe:/a:sun:jdk:*:update1:*:*:*:*:*:* (Version <= 1.6.0)

OR cpe:/a:sun:jre:*:update11:*:*:*:*:*:* (Version <= 1.5.0)

OR cpe:/a:sun:jre:*:update1:*:*:*:*:*:* (Version <= 1.6.0)

OR cpe:/a:sun:sdk:*:*:*:*:*:*:*:* (Version <= 1.4.2_14)

Configuration RedHat 1:

cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:sun:sdk:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:-:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2:*:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update3:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update10:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update11:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update7:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update8:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update9:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update10:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update11:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update1:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update2:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update3:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update6:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update7:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update8:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update9:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update1:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update1:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update2:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update6:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_01:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.0_01:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*

OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*

OR cpe:/a:oracle:jrockit:r27.3.1:*:*:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20073922	V	CVE-2007-3922	2022-05-20
oval:org.opensuse.security:def:31750	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:31701	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:42127	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:31274	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:31253	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:31645	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:31642	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:31200	P	Security update for java-1_8_0-openjdk (Moderate)	2021-06-15
oval:org.opensuse.security:def:31188	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:31189	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:26047	P	Security update for xen (Important)	2021-05-12
oval:org.opensuse.security:def:31345	P	Security update for krb5-appl (Important)	2021-02-19
oval:org.opensuse.security:def:32008	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35567	P	java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35720	P	java-1_4_2-ibm-1.4.2_sr13.10-0.4.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41974	P	java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25475	P	Security update for libssh (Important)	2020-12-01
oval:org.opensuse.security:def:26003	P	Security update for yaml-cpp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31047	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31798	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:25544	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26567	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25556	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31121	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31789	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31854	P	Security update for cracklib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25118	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25695	P	Security update for gcc9 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25613	P	Security update for libsolv (Moderate)	2020-12-01
oval:org.opensuse.security:def:26685	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31811	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:31903	P	Security update for fontconfig (Low)	2020-12-01
oval:org.opensuse.security:def:25119	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:25748	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25697	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26720	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31855	P	Security update for crash (Low)	2020-12-01
oval:org.opensuse.security:def:31942	P	Security update for gnome-session (Moderate)	2020-12-01
oval:org.opensuse.security:def:25130	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25797	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25271	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25848	P	Security update for flex, at, bogofilter, cyrus-imapd, kdelibs4, libQtWebKit4, libbonobo, mdbtools, netpbm, openslp, sgmltool, virtuoso, libqt5-qtwebkit (Moderate)	2020-12-01
oval:org.opensuse.security:def:31402	P	Security update for perl-DBD-mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:32493	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31406	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:31964	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25194	P	Security update for adns (Important)	2020-12-01
oval:org.opensuse.security:def:25836	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25272	P	Security update for vino (Moderate)	2020-12-01
oval:org.opensuse.security:def:25901	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31489	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32532	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31498	P	Security update for python-numpy (Important)	2020-12-01
oval:org.opensuse.security:def:25322	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:25850	P	Security update for libreoffice (Low)	2020-12-01
oval:org.opensuse.security:def:25283	P	Security update for SUSE Manager Client Tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:25950	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:31035	P	Security update for jpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:31555	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32646	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25403	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25894	P	Security update for gstreamer-0_10-plugins-bad (Moderate)	2020-12-01
oval:org.opensuse.security:def:25347	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25989	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31036	P	Security update for kdebase4-workspace	2020-12-01
oval:org.opensuse.security:def:32685	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25460	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26532	P	cron on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:21855	P	ELSA-2007:0829: java-1.5.0-ibm security update (Critical)	2014-05-26
oval:org.mitre.oval:def:10387	V	Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.	2010-09-06
oval:com.redhat.rhsa:def:20070829	P	RHSA-2007:0829: java-1.5.0-ibm security update (Critical)	2007-08-07