What is the severity of CVE-2007-5232?

CVE-2007-5232 is considered a medium severity vulnerability due to the potential for unauthorized access to an applet's outbound connections.

How do I fix CVE-2007-5232?

To fix CVE-2007-5232, update to the latest version of the Java Runtime Environment that addresses this vulnerability.

What software versions are affected by CVE-2007-5232?

CVE-2007-5232 affects Sun JRE and SDK versions 6 Update 2 and earlier, 5.0 Update 12 and earlier, and 1.4.2 Update 15 and earlier, among others.

What types of attacks can exploit CVE-2007-5232?

CVE-2007-5232 can be exploited by remote attackers who can manipulate applet caching configurations to bypass security restrictions.

Is CVE-2007-5232 still relevant today?

Although CVE-2007-5232 is an older vulnerability, systems still using affected versions of Java are at risk and should be updated.

Vulnerability/
CVE-2007-5232

medium

CWE

NVD-CWE-Other

5/10/2007

7/8/2024

CVE-2007-5232

First published: Fri Oct 05 2007(Updated: 8 months ago)

Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Java Development Kit (JDK)	=1.5.0-update1
Java Development Kit (JDK)	=1.5.0-update10
Java Development Kit (JDK)	=1.5.0-update11
Java Development Kit (JDK)	=1.5.0-update12
Java Development Kit (JDK)	=1.5.0-update2
Java Development Kit (JDK)	=1.5.0-update3
Java Development Kit (JDK)	=1.5.0-update4
Java Development Kit (JDK)	=1.5.0-update5
Java Development Kit (JDK)	=1.5.0-update7
Java Development Kit (JDK)	=1.5.0-update8
Java Development Kit (JDK)	=1.5.0-update9
Java Development Kit (JDK)	=1.6.0-update1
Java Development Kit (JDK)	=1.6.0-update2
Sun Java Runtime Environment (JRE)	=1.3.0
Sun Java Runtime Environment (JRE)	=1.3.0-update5
Sun Java Runtime Environment (JRE)	=1.3.1-update1
Sun Java Runtime Environment (JRE)	=1.3.1-update16
Sun Java Runtime Environment (JRE)	=1.3.1-update18
Sun Java Runtime Environment (JRE)	=1.3.1-update19
Sun Java Runtime Environment (JRE)	=1.3.1-update1a
Sun Java Runtime Environment (JRE)	=1.3.1-update20
Sun Java Runtime Environment (JRE)	=1.4
Sun Java Runtime Environment (JRE)	=1.4.1-update3
Sun Java Runtime Environment (JRE)	=1.4.2
Sun Java Runtime Environment (JRE)	=1.4.2_1
Sun Java Runtime Environment (JRE)	=1.4.2_3
Sun Java Runtime Environment (JRE)	=1.4.2_8
Sun Java Runtime Environment (JRE)	=1.4.2_9
Sun Java Runtime Environment (JRE)	=1.4.2_10
Sun Java Runtime Environment (JRE)	=1.4.2_11
Sun Java Runtime Environment (JRE)	=1.4.2_12
Sun Java Runtime Environment (JRE)	=1.4.2_13
Sun Java Runtime Environment (JRE)	=1.4.2_14
Sun Java Runtime Environment (JRE)	=1.4.2_15
Sun Java Runtime Environment (JRE)	=1.5.0-update1
Sun Java Runtime Environment (JRE)	=1.5.0-update10
Sun Java Runtime Environment (JRE)	=1.5.0-update11
Sun Java Runtime Environment (JRE)	=1.5.0-update12
Sun Java Runtime Environment (JRE)	=1.5.0-update2
Sun Java Runtime Environment (JRE)	=1.5.0-update3
Sun Java Runtime Environment (JRE)	=1.5.0-update4
Sun Java Runtime Environment (JRE)	=1.5.0-update5
Sun Java Runtime Environment (JRE)	=1.5.0-update6
Sun Java Runtime Environment (JRE)	=1.5.0-update7
Sun Java Runtime Environment (JRE)	=1.5.0-update8
Sun Java Runtime Environment (JRE)	=1.5.0-update9
Sun Java Runtime Environment (JRE)	=1.6.0-update_1
Sun Java Runtime Environment (JRE)	=1.6.0-update_2
Java Development Kit (JDK)	=1.3.1_01
Java Development Kit (JDK)	=1.3.1_01a
Java Development Kit (JDK)	=1.3.1_16
Java Development Kit (JDK)	=1.3.1_18
Java Development Kit (JDK)	=1.3.1_19
Java Development Kit (JDK)	=1.3.1_20
Java Development Kit (JDK)	=1.4.2
Java Development Kit (JDK)	=1.4.2_03
Java Development Kit (JDK)	=1.4.2_08
Java Development Kit (JDK)	=1.4.2_09
Java Development Kit (JDK)	=1.4.2_10
Java Development Kit (JDK)	=1.4.2_11
Java Development Kit (JDK)	=1.4.2_12
Java Development Kit (JDK)	=1.4.2_13
Java Development Kit (JDK)	=1.4.2_14
Java Development Kit (JDK)	=1.4.2_15

Remedy

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-5232?
CVE-2007-5232 is considered a medium severity vulnerability due to the potential for unauthorized access to an applet's outbound connections.
How do I fix CVE-2007-5232?
To fix CVE-2007-5232, update to the latest version of the Java Runtime Environment that addresses this vulnerability.
What software versions are affected by CVE-2007-5232?
CVE-2007-5232 affects Sun JRE and SDK versions 6 Update 2 and earlier, 5.0 Update 12 and earlier, and 1.4.2 Update 15 and earlier, among others.
What types of attacks can exploit CVE-2007-5232?
CVE-2007-5232 can be exploited by remote attackers who can manipulate applet caching configurations to bypass security restrictions.
Is CVE-2007-5232 still relevant today?
Although CVE-2007-5232 is an older vulnerability, systems still using affected versions of Java are at risk and should be updated.

agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/severity
agent/references
agent/weakness
agent/remedy
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/sun
canonical/java development kit (jdk)
version/java development kit (jdk)/1.5.0-update1
version/java development kit (jdk)/1.5.0-update10
version/java development kit (jdk)/1.5.0-update11
version/java development kit (jdk)/1.5.0-update12
version/java development kit (jdk)/1.5.0-update2
version/java development kit (jdk)/1.5.0-update3
version/java development kit (jdk)/1.5.0-update4
version/java development kit (jdk)/1.5.0-update5
version/java development kit (jdk)/1.5.0-update7
version/java development kit (jdk)/1.5.0-update8
version/java development kit (jdk)/1.5.0-update9
version/java development kit (jdk)/1.6.0-update1
version/java development kit (jdk)/1.6.0-update2
canonical/sun java runtime environment (jre)
version/sun java runtime environment (jre)/1.3.0
version/sun java runtime environment (jre)/1.3.0-update5
version/sun java runtime environment (jre)/1.3.1-update1
version/sun java runtime environment (jre)/1.3.1-update16
version/sun java runtime environment (jre)/1.3.1-update18
version/sun java runtime environment (jre)/1.3.1-update19
version/sun java runtime environment (jre)/1.3.1-update1a
version/sun java runtime environment (jre)/1.3.1-update20
version/sun java runtime environment (jre)/1.4
version/sun java runtime environment (jre)/1.4.1-update3
version/sun java runtime environment (jre)/1.4.2
version/sun java runtime environment (jre)/1.4.2_1
version/sun java runtime environment (jre)/1.4.2_3
version/sun java runtime environment (jre)/1.4.2_8
version/sun java runtime environment (jre)/1.4.2_9
version/sun java runtime environment (jre)/1.4.2_10
version/sun java runtime environment (jre)/1.4.2_11
version/sun java runtime environment (jre)/1.4.2_12
version/sun java runtime environment (jre)/1.4.2_13
version/sun java runtime environment (jre)/1.4.2_14
version/sun java runtime environment (jre)/1.4.2_15
version/sun java runtime environment (jre)/1.5.0-update1
version/sun java runtime environment (jre)/1.5.0-update10
version/sun java runtime environment (jre)/1.5.0-update11
version/sun java runtime environment (jre)/1.5.0-update12
version/sun java runtime environment (jre)/1.5.0-update2
version/sun java runtime environment (jre)/1.5.0-update3
version/sun java runtime environment (jre)/1.5.0-update4
version/sun java runtime environment (jre)/1.5.0-update5
version/sun java runtime environment (jre)/1.5.0-update6
version/sun java runtime environment (jre)/1.5.0-update7
version/sun java runtime environment (jre)/1.5.0-update8
version/sun java runtime environment (jre)/1.5.0-update9
version/sun java runtime environment (jre)/1.6.0-update_1
version/sun java runtime environment (jre)/1.6.0-update_2
version/java development kit (jdk)/1.3.1_01
version/java development kit (jdk)/1.3.1_01a
version/java development kit (jdk)/1.3.1_16
version/java development kit (jdk)/1.3.1_18
version/java development kit (jdk)/1.3.1_19
version/java development kit (jdk)/1.3.1_20
version/java development kit (jdk)/1.4.2
version/java development kit (jdk)/1.4.2_03
version/java development kit (jdk)/1.4.2_08
version/java development kit (jdk)/1.4.2_09
version/java development kit (jdk)/1.4.2_10
version/java development kit (jdk)/1.4.2_11
version/java development kit (jdk)/1.4.2_12
version/java development kit (jdk)/1.4.2_13
version/java development kit (jdk)/1.4.2_14
version/java development kit (jdk)/1.4.2_15