Red Hat Customer Portal

Skip to main content

CVE-2007-3698

Impact:
Moderate
Public Date:
2007-07-10
Bugzilla:
249539: CVE-2007-3698 Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition

The MITRE CVE dictionary describes this issue as:

The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.4.2_14, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.

Find out more about CVE-2007-3698 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux AS version 3 Extras (java-1.4.2-ibm) RHSA-2008:0132 2008-02-14
Red Hat Enterprise Linux AS version 3 Extras (java-1.4.2-bea) RHSA-2008:0100 2008-03-11
Red Hat Enterprise Linux AS version 4 Extras (java-1.4.2-ibm) RHSA-2008:0132 2008-02-14
Red Hat Enterprise Linux AS version 4 Extras (java-1.4.2-bea-jdbc) RHSA-2007:1086 2007-12-12
Red Hat Enterprise Linux Supplementary 5 (java-1.5.0-bea) RHSA-2007:0956 2007-10-16
Red Hat Enterprise Linux Supplementary 5 (java-1.4.2-ibm) RHSA-2008:0132 2008-02-14
Red Hat Enterprise Linux AS version 4 Extras (java-1.5.0-sun) RHSA-2007:0818 2007-08-06
Red Hat Enterprise Linux Supplementary 5 (java-1.4.2-bea) RHSA-2008:0100 2008-03-11

Affected Packages State

Platform Package State
Red Hat Enterprise Linux AS version 4 Extras java-1.5.0-bea 1.5.0.11-1jpp.2.el4 Fixed

Last Modified