CVE-2007-2435 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-2435
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2435

Description: Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/33984 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 ST 1017986 SAID Secunia Advisory: SA26311 Secunia Advisory: SA25832 Secunia Advisory: SA25474 Secunia Advisory: SA25413 Secunia Advisory: SA25283 Secunia Advisory: SA25069 Secunia Advisory: SA26369 Secunia Advisory: SA28115 Secunia Advisory: SA29858 Secunia Advisory: SA30780 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0829.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://www.redhat.com/support/errata/RHSA-2007-0817.html MISC http://docs.info.apple.com/article.html?artnum=307177 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml http://security.gentoo.org/glsa/glsa-200706-08.xml http://security.gentoo.org/glsa/glsa-200804-28.xml http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm BID 23728 BEA http://dev2dev.bea.com/pub/advisory/241 APPLE http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

Return to the previous page.