Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-2435

Опубликовано: 02 мая 2007
Источник: nvd
CVSS2: 10
EPSS Низкий

Описание

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sun:java_enterprise_system:*:update10:*:*:*:*:*:*
Версия до 5.0 (включая)
cpe:2.3:a:sun:jre:*:update13:*:*:*:*:*:*
Версия до 1.4.2 (включая)
cpe:2.3:a:sun:jre:*:update10:*:*:*:*:*:*
Версия до 1.5.0 (включая)
cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*
Версия до 1.4.3_13 (включая)

EPSS

Процентиль: 87%
0.03429
Низкий

10 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2007-2435

ubuntu
больше 18 лет назад

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

redhat логотип

CVE-2007-2435

redhat
больше 18 лет назад

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

debian логотип

CVE-2007-2435

debian
больше 18 лет назад

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...

github логотип

GHSA-9ffv-4whq-h9qg

github
больше 3 лет назад

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

EPSS

Процентиль: 87%
0.03429
Низкий

10 Critical

CVSS2

Дефекты

CWE-264