Описание
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2435
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33984
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999
- http://dev2dev.bea.com/pub/advisory/241
- http://docs.info.apple.com/article.html?artnum=307177
- http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
- http://osvdb.org/35483
- http://secunia.com/advisories/25069
- http://secunia.com/advisories/25283
- http://secunia.com/advisories/25413
- http://secunia.com/advisories/25474
- http://secunia.com/advisories/25832
- http://secunia.com/advisories/26311
- http://secunia.com/advisories/26369
- http://secunia.com/advisories/28115
- http://secunia.com/advisories/29858
- http://secunia.com/advisories/30780
- http://security.gentoo.org/glsa/glsa-200706-08.xml
- http://security.gentoo.org/glsa/glsa-200804-28.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm
- http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml
- http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
- http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
- http://www.redhat.com/support/errata/RHSA-2007-0817.html
- http://www.redhat.com/support/errata/RHSA-2007-0829.html
- http://www.redhat.com/support/errata/RHSA-2008-0261.html
- http://www.securityfocus.com/bid/23728
- http://www.securitytracker.com/id?1017986
- http://www.vupen.com/english/advisories/2007/1598
- http://www.vupen.com/english/advisories/2007/1814
- http://www.vupen.com/english/advisories/2007/4224
EPSS
CVE ID
Связанные уязвимости
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...
EPSS