Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5375


Vulnerability Score 2.6 2.6
CVE Id CVE-2007-5375
Last Modified 15 Nov 2008 02:00:47
Published 11 Oct 2007 06:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



Interpretation conflict in the Sun Java Virtual Machine (JVM) allows user-assisted remote attackers to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "mayscript=true" Java applet through a local relative URI, which may be associated with different IP addresses by the browser and the JVM.

Vulnerable Systems


  • Sun Java Virtual Machine


OSVDB - 40930


Last Updated: 27 May 2016 10:46:09