10

CVE-2007-2435

EPSS 3.43%
Published 02.05.2007 10:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

Affected products Warnungen 0 Metrics 2 CWE 0 References 34

Data is provided by the National Vulnerability Database (NVD)

Sun ≫ Java Enterprise System Updateupdate10 Version <= 5.0

Sun ≫ Jre Updateupdate13 Version <= 1.4.2

Sun ≫ Jre Updateupdate10 Version <= 1.5.0

Sun ≫ Sdk Version <= 1.4.3_13

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.43%	0.87

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://www.redhat.com/support/errata/RHSA-2008-0261.html

http://docs.info.apple.com/article.html?artnum=307177

http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

http://secunia.com/advisories/28115

http://www.vupen.com/english/advisories/2007/4224

http://secunia.com/advisories/25283

http://www.vupen.com/english/advisories/2007/1814

http://dev2dev.bea.com/pub/advisory/241

http://osvdb.org/35483

http://secunia.com/advisories/25069

Patch

Vendor Advisory

http://secunia.com/advisories/25413

http://secunia.com/advisories/25474

http://secunia.com/advisories/25832

http://secunia.com/advisories/26311

http://secunia.com/advisories/26369

http://secunia.com/advisories/29858

http://secunia.com/advisories/30780

http://security.gentoo.org/glsa/glsa-200706-08.xml

http://security.gentoo.org/glsa/glsa-200804-28.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1

Patch

Vendor Advisory

http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm

http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml

http://www.redhat.com/support/errata/RHSA-2007-0817.html

http://www.redhat.com/support/errata/RHSA-2007-0829.html

http://www.securityfocus.com/bid/23728

Patch

http://www.securitytracker.com/id?1017986

http://www.vupen.com/english/advisories/2007/1598

https://exchange.xforce.ibmcloud.com/vulnerabilities/33984

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999

https://nvd.nist.gov/vuln/detail/CVE-2007-2435

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2435

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2435

EUVD