CVE-2005-3907

Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors involving untrusted Java applets.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.apple.com/archives/security-announce/2005/Nov/msg00004.html
http://secunia.com/advisories/17748	Patch Vendor Advisory
http://secunia.com/advisories/17847	Vendor Advisory
http://secunia.com/advisories/18092	Vendor Advisory
http://securitytracker.com/id?1015282
http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102050-1	Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/355284	US Government Resource
http://www.securityfocus.com/bid/15615
http://www.vupen.com/english/advisories/2005/2636	Vendor Advisory
http://www.vupen.com/english/advisories/2005/2675	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/23250

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:jdk:1.5.0_03::linux:::::
	cpe:2.3:a:sun:jdk:1.5.0_03::solaris:::::
	cpe:2.3:a:sun:jdk:1.5.0_03::windows:::::
	cpe:2.3:a:sun:jre:1.3.0:::::::*
	cpe:2.3:a:sun:jre:1.3.0:update1::::::
	cpe:2.3:a:sun:jre:1.3.0:update2::::::
	cpe:2.3:a:sun:jre:1.3.0:update3::::::
	cpe:2.3:a:sun:jre:1.3.0:update4::::::
	cpe:2.3:a:sun:jre:1.3.0:update5::::::
	cpe:2.3:a:sun:jre:1.3.1:::::::*
	cpe:2.3:a:sun:jre:1.3.1:update1::::::
	cpe:2.3:a:sun:jre:1.3.1:update15::::::
	cpe:2.3:a:sun:jre:1.3.1:update1a::::::
	cpe:2.3:a:sun:jre:1.3.1:update4::::::
	cpe:2.3:a:sun:jre:1.3.1:update8::::::
	cpe:2.3:a:sun:jre:1.4.1:::::::*
	cpe:2.3:a:sun:jre:1.4.2:::::::*
	cpe:2.3:a:sun:jre:1.4.2_1:::::::*
	cpe:2.3:a:sun:jre:1.4.2_2:::::::*
	cpe:2.3:a:sun:jre:1.4.2_3:::::::*
	cpe:2.3:a:sun:jre:1.4.2_4:::::::*
	cpe:2.3:a:sun:jre:1.4.2_5:::::::*
	cpe:2.3:a:sun:jre:1.4.2_6:::::::*
	cpe:2.3:a:sun:jre:1.4.2_7:::::::*
	cpe:2.3:a:sun:jre:1.4.2_8:::::::*
	cpe:2.3:a:sun:jre:1.5.0:::::::*
	cpe:2.3:a:sun:jre:1.5.0:update1::::::
	cpe:2.3:a:sun:jre:1.5.0:update2::::::
	cpe:2.3:a:sun:jre:1.5.0:update3::::::

History

No history.

Information

Published : 2005-11-30 11:03

Updated : 2024-02-28 10:42

NVD link : CVE-2005-3907

Mitre link : CVE-2005-3907

CVE.ORG link : CVE-2005-3907

JSON object : View

Products Affected

sun

CWE

NVD-CWE-noinfo

7.5 /10