Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-2435

Опубликовано: 02 мая 2007
Источник: nvd
CVSS2: 10
EPSS Низкий

Описание

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sun:java_enterprise_system:*:update10:*:*:*:*:*:*
Версия до 5.0 (включая)
cpe:2.3:a:sun:jre:*:update13:*:*:*:*:*:*
Версия до 1.4.2 (включая)
cpe:2.3:a:sun:jre:*:update10:*:*:*:*:*:*
Версия до 1.5.0 (включая)
cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*
Версия до 1.4.3_13 (включая)

EPSS

Процентиль: 86%
0.02917
Низкий

10 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2007-2435

ubuntu
почти 19 лет назад

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

redhat логотип

CVE-2007-2435

redhat
почти 19 лет назад

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

debian логотип

CVE-2007-2435

debian
почти 19 лет назад

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...

github логотип

GHSA-9ffv-4whq-h9qg

github
почти 4 года назад

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

EPSS

Процентиль: 86%
0.02917
Низкий

10 Critical

CVSS2

Дефекты

CWE-264