diff options
| author | Martin Wilke <miwi@FreeBSD.org> | 2007-10-09 07:18:11 +0000 |
|---|---|---|
| committer | Martin Wilke <miwi@FreeBSD.org> | 2007-10-09 07:18:11 +0000 |
| commit | 85cbee74af4ce16b6926cbf2a5a0c3f4b6c4df59 (patch) | |
| tree | 9c42ebbc4cf50a11eac6e60ab78fbdbffcae9cba | |
| parent | 049f43b12bf4c626f1cc362229dbdaa403141739 (diff) | |
| download | ports-85cbee74af4ce16b6926cbf2a5a0c3f4b6c4df59.tar.gz ports-85cbee74af4ce16b6926cbf2a5a0c3f4b6c4df59.zip | |
Notes
| -rw-r--r-- | security/vuxml/vuln.xml | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 786cc3947559..7a908cb06628 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,52 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="c93e4d41-75c5-11dc-b903-0016179b2dd5"> + <topic>jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumvented</topic> + <affects> + <package> + <name>jdk</name> + <range><ge>1.3.0</ge><lt>1.3.1p9_8</lt></range> + <range><ge>1.4.0</ge><lt>1.4.2p8_7</lt></range> + <range><ge>1.5.0</ge><lt>1.5.0.12p6,1</lt></range> + <range><ge>1.6.0</ge><lt>1.6.0.1p1_2</lt></range> + </package> + <package> + <name>linux-blackdown-jdk</name> + <range><ge>1.4.0</ge><lt>1.4.2-02</lt></range> + </package> + <package> + <name>linux-sun-jdk</name> + <range><ge>1.3.0</ge><lt>1.3.1.18</lt></range> + <range><ge>1.4.0</ge><lt>1.4.2.13</lt></range> + <range><ge>1.5.0</ge><lt>1.5.0.12,2</lt></range> + <range><ge>1.6.0</ge><lt>1.6.0.02</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>SUN reports:</p> + <blockquote cite="http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1"> + <p>A vulnerability in the Java Runtime Environment (JRE) with applet + caching may allow an untrusted applet that is downloaded from a + malicious website to make network connections to network services + on machines other than the one that the applet was downloaded from. + This may allow network resources (such as web pages) and vulnerabilities + (that exist on these network services) which are not otherwise normally + accessible to be accessed or exploited.</p> + </blockquote> + </body> + </description> + <references> + <url>http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1</url> + <cvename>CVE-2007-5232</cvename> + </references> + <dates> + <discovery>2007-10-03</discovery> + <entry>2007-10-08</entry> + </dates> + </vuln> + <vuln vid="a5f667db-7596-11dc-8b7a-0019b944b34e"> <topic>xfs -- multiple vulnerabilites</topic> <affects> |