PublicDate: 2007-10-08 23:17:00 UTC
Candidate: CVE-2007-5273
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5273
Description:
 Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier,
 JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier,
 and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used,
 allows remote attackers to violate the security model for an applet's
 outbound connections via a multi-pin DNS rebinding attack in which the
 applet download relies on DNS resolution on the proxy server, but the
 applet's socket operations rely on DNS resolution on the local machine, a
 different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 
upstream_sun-java6: released (6 Update 3)
dapper_sun-java6: DNE
edgy_sun-java6: DNE
feisty_sun-java6: needed (reached end-of-life)
gutsy_sun-java6: released (6-03-0ubuntu2)
hardy_sun-java6: released (6-03-0ubuntu2)
intrepid_sun-java6: released (6-03-0ubuntu2)
jaunty_sun-java6: released (6-03-0ubuntu2)
karmic_sun-java6: released (6-03-0ubuntu2)
devel_sun-java6: released (6-03-0ubuntu2)
upstream_sun-java5: released (5.0 Update 13)
dapper_sun-java5: ignored (reached end-of-life)
edgy_sun-java5: needed (reached end-of-life)
feisty_sun-java5: needed (reached end-of-life)
gutsy_sun-java5: released (1.5.0-13-0ubuntu1)
hardy_sun-java5: released (1.5.0-13-0ubuntu1)
intrepid_sun-java5: released (1.5.0-13-0ubuntu1)
jaunty_sun-java5: released (1.5.0-13-0ubuntu1)
karmic_sun-java5: DNE
devel_sun-java5: DNE