2.6

CVE-2007-5238

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka "three vulnerabilities."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJdk Version1.5.0 Updateupdate1
SunJdk Version1.5.0 Updateupdate10
SunJdk Version1.5.0 Updateupdate11
SunJdk Version1.5.0 Updateupdate12
SunJdk Version1.5.0 Updateupdate2
SunJdk Version1.5.0 Updateupdate3
SunJdk Version1.5.0 Updateupdate4
SunJdk Version1.5.0 Updateupdate5
SunJdk Version1.5.0 Updateupdate7
SunJdk Version1.5.0 Updateupdate8
SunJdk Version1.5.0 Updateupdate9
SunJdk Version1.6.0 Updateupdate1
SunJdk Version1.6.0 Updateupdate2
SunJre Version1.3.0
SunJre Version1.3.0 Updateupdate5
SunJre Version1.3.1 Updateupdate1
SunJre Version1.3.1 Updateupdate16
SunJre Version1.3.1 Updateupdate18
SunJre Version1.3.1 Updateupdate19
SunJre Version1.3.1 Updateupdate1a
SunJre Version1.3.1 Updateupdate20
SunJre Version1.4
SunJre Version1.4.1 Updateupdate3
SunJre Version1.4.2
SunJre Version1.4.2_1
SunJre Version1.4.2_3
SunJre Version1.4.2_8
SunJre Version1.4.2_9
SunJre Version1.4.2_10
SunJre Version1.4.2_11
SunJre Version1.4.2_12
SunJre Version1.4.2_13
SunJre Version1.4.2_14
SunJre Version1.4.2_15
SunJre Version1.5.0 Updateupdate1
SunJre Version1.5.0 Updateupdate10
SunJre Version1.5.0 Updateupdate11
SunJre Version1.5.0 Updateupdate12
SunJre Version1.5.0 Updateupdate2
SunJre Version1.5.0 Updateupdate3
SunJre Version1.5.0 Updateupdate4
SunJre Version1.5.0 Updateupdate5
SunJre Version1.5.0 Updateupdate6
SunJre Version1.5.0 Updateupdate7
SunJre Version1.5.0 Updateupdate8
SunJre Version1.5.0 Updateupdate9
SunJre Version1.6.0 Updateupdate_1
SunJre Version1.6.0 Updateupdate_2
SunSdk Version1.3.1_01
SunSdk Version1.3.1_01a
SunSdk Version1.3.1_16
SunSdk Version1.3.1_18
SunSdk Version1.3.1_19
SunSdk Version1.3.1_20
SunSdk Version1.4.2
SunSdk Version1.4.2_03
SunSdk Version1.4.2_08
SunSdk Version1.4.2_09
SunSdk Version1.4.2_10
SunSdk Version1.4.2_11
SunSdk Version1.4.2_12
SunSdk Version1.4.2_13
SunSdk Version1.4.2_14
SunSdk Version1.4.2_15
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.66% 0.837
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29858
http://secunia.com/advisories/30780
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://secunia.com/advisories/27716
Patch
http://secunia.com/advisories/28777
http://secunia.com/advisories/28880
http://secunia.com/advisories/29897
http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html
http://www.redhat.com/support/errata/RHSA-2008-0132.html
http://dev2dev.bea.com/pub/advisory/272
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533
http://secunia.com/advisories/27206
http://secunia.com/advisories/27261
http://secunia.com/advisories/27693
Patch
http://secunia.com/advisories/27804
http://secunia.com/advisories/29042
http://secunia.com/advisories/30676
http://www.novell.com/linux/security/advisories/2007_55_java.html
http://www.redhat.com/support/errata/RHSA-2007-0963.html
http://www.redhat.com/support/errata/RHSA-2007-1041.html
http://www.securityfocus.com/archive/1/482926/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2008-0010.html
http://www.vupen.com/english/advisories/2007/3895
http://www.vupen.com/english/advisories/2008/0609
http://www.vupen.com/english/advisories/2008/1856/references
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1
Patch
http://www.securityfocus.com/bid/25920
https://exchange.xforce.ibmcloud.com/vulnerabilities/36946
http://www.securitytracker.com/id?1018770
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11592