CVE-2007-2435

critical

Description

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999

https://exchange.xforce.ibmcloud.com/vulnerabilities/33984

http://www.vupen.com/english/advisories/2007/4224

http://www.vupen.com/english/advisories/2007/1814

http://www.vupen.com/english/advisories/2007/1598

http://www.securitytracker.com/id?1017986

http://www.securityfocus.com/bid/23728

http://www.redhat.com/support/errata/RHSA-2008-0261.html

http://www.redhat.com/support/errata/RHSA-2007-0829.html

http://www.redhat.com/support/errata/RHSA-2007-0817.html

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml

http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml

http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1

http://security.gentoo.org/glsa/glsa-200804-28.xml

http://security.gentoo.org/glsa/glsa-200706-08.xml

http://secunia.com/advisories/30780

http://secunia.com/advisories/29858

http://secunia.com/advisories/28115

http://secunia.com/advisories/26369

http://secunia.com/advisories/26311

http://secunia.com/advisories/25832

http://secunia.com/advisories/25474

http://secunia.com/advisories/25413

http://secunia.com/advisories/25283

http://secunia.com/advisories/25069

http://osvdb.org/35483

http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

http://docs.info.apple.com/article.html?artnum=307177

http://dev2dev.bea.com/pub/advisory/241

Details

Source: Mitre, NVD

Published: 2007-05-02

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical