7.8

CVE-2007-3698

The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.4.2_14, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJdk Version1.5.0 Updateupdate10
SunJdk Version1.5.0 Updateupdate11
SunJdk Version1.5.0 Updateupdate7
SunJdk Version1.5.0 Updateupdate8
SunJdk Version1.5.0 Updateupdate9
SunJdk Version1.6.0 Updateupdate1
SunJre Version1.4.2_11
SunJre Version1.4.2_12
SunJre Version1.4.2_13
SunJre Version1.4.2_14
SunJre Version1.5.0 Updateupdate10
SunJre Version1.5.0 Updateupdate11
SunJre Version1.5.0 Updateupdate7
SunJre Version1.5.0 Updateupdate8
SunJre Version1.5.0 Updateupdate9
SunJre Version1.6.0 Updateupdate_1
SunSdk Version1.4.2_11
SunSdk Version1.4.2_12
SunSdk Version1.4.2_13
SunSdk Version1.4.2_14
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.82% 0.887
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://docs.info.apple.com/article.html?artnum=307177
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
http://secunia.com/advisories/28115
Vendor Advisory
http://www.vupen.com/english/advisories/2007/4224
Vendor Advisory
http://secunia.com/advisories/26645
Vendor Advisory
http://secunia.com/advisories/27203
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0956.html
http://secunia.com/advisories/26631
Vendor Advisory
http://secunia.com/advisories/26933
Vendor Advisory
http://secunia.com/advisories/28056
Vendor Advisory
http://secunia.com/advisories/29340
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml
http://www.redhat.com/support/errata/RHSA-2007-1086.html
http://www.redhat.com/support/errata/RHSA-2008-0100.html
Patch
http://www.vupen.com/english/advisories/2007/3009
Vendor Advisory
http://secunia.com/advisories/26314
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0818.html
http://dev2dev.bea.com/pub/advisory/249
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://osvdb.org/36663
http://secunia.com/advisories/26015
Vendor Advisory
http://secunia.com/advisories/26221
Vendor Advisory
http://secunia.com/advisories/27635
Vendor Advisory
http://secunia.com/advisories/27716
Vendor Advisory
http://secunia.com/advisories/28777
Vendor Advisory
http://secunia.com/advisories/28880
Vendor Advisory
http://secunia.com/advisories/29897
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1
Patch
Vendor Advisory
http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html
http://www.cisco.com/en/US/products/products_security_response09186a008088bd19.html
Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sr-20070725-jsse.shtml
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0132.html
Patch
http://www.securityfocus.com/bid/24846
Patch
http://www.securitytracker.com/id?1018357
http://www.vupen.com/english/advisories/2007/2495
Vendor Advisory
http://www.vupen.com/english/advisories/2007/2660
Vendor Advisory
http://www.vupen.com/english/advisories/2007/3861
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/35333
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10634