10

CVE-2007-2435

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJava Enterprise System Updateupdate10 Version <= 5.0
SunJre Updateupdate13 Version <= 1.4.2
SunJre Updateupdate10 Version <= 1.5.0
SunSdk Version <= 1.4.3_13
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.96% 0.911
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://docs.info.apple.com/article.html?artnum=307177
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
http://secunia.com/advisories/28115
http://www.vupen.com/english/advisories/2007/4224
http://secunia.com/advisories/25283
http://www.vupen.com/english/advisories/2007/1814
http://dev2dev.bea.com/pub/advisory/241
http://osvdb.org/35483
http://secunia.com/advisories/25069
Patch
Vendor Advisory
http://secunia.com/advisories/25413
http://secunia.com/advisories/25474
http://secunia.com/advisories/25832
http://secunia.com/advisories/26311
http://secunia.com/advisories/26369
http://secunia.com/advisories/29858
http://secunia.com/advisories/30780
http://security.gentoo.org/glsa/glsa-200706-08.xml
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1
Patch
Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm
http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://www.redhat.com/support/errata/RHSA-2007-0817.html
http://www.redhat.com/support/errata/RHSA-2007-0829.html
http://www.securityfocus.com/bid/23728
Patch
http://www.securitytracker.com/id?1017986
http://www.vupen.com/english/advisories/2007/1598
https://exchange.xforce.ibmcloud.com/vulnerabilities/33984
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999