Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:30
Type | Values Removed | Values Added |
---|---|---|
References | () http://dev2dev.bea.com/pub/advisory/241 - | |
References | () http://docs.info.apple.com/article.html?artnum=307177 - | |
References | () http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html - | |
References | () http://osvdb.org/35483 - | |
References | () http://secunia.com/advisories/25069 - Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/25283 - | |
References | () http://secunia.com/advisories/25413 - | |
References | () http://secunia.com/advisories/25474 - | |
References | () http://secunia.com/advisories/25832 - | |
References | () http://secunia.com/advisories/26311 - | |
References | () http://secunia.com/advisories/26369 - | |
References | () http://secunia.com/advisories/28115 - | |
References | () http://secunia.com/advisories/29858 - | |
References | () http://secunia.com/advisories/30780 - | |
References | () http://security.gentoo.org/glsa/glsa-200706-08.xml - | |
References | () http://security.gentoo.org/glsa/glsa-200804-28.xml - | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 - Patch, Vendor Advisory | |
References | () http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml - | |
References | () http://www.redhat.com/support/errata/RHSA-2007-0817.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2007-0829.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2008-0261.html - | |
References | () http://www.securityfocus.com/bid/23728 - Patch | |
References | () http://www.securitytracker.com/id?1017986 - | |
References | () http://www.vupen.com/english/advisories/2007/1598 - | |
References | () http://www.vupen.com/english/advisories/2007/1814 - | |
References | () http://www.vupen.com/english/advisories/2007/4224 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/33984 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999 - |
Information
Published : 2007-05-02 10:19
Updated : 2024-11-21 00:30
NVD link : CVE-2007-2435
Mitre link : CVE-2007-2435
CVE.ORG link : CVE-2007-2435
JSON object : View
Products Affected
sun
- jre
- sdk
- java_enterprise_system
CWE
CWE-264
Permissions, Privileges, and Access Controls