Lucene search
HistoryMay 02, 2005 - 4:00 a.m.
CVE-2005-0418
cve-2005-0418
java
web start
j2se
mac os x
property tag
jnlp file
privilege escalation
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.433 Medium
EPSS
Percentile
97.4%
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.
Affected configurations
Node
sunj2seMatch1.4.2sdk
ORsunj2seMatch1.4.2_01sdk
ORsunj2seMatch1.4.2_02sdk
ORsunj2seMatch1.4.2_03sdk
ORsunj2seMatch1.4.2_04sdk
ORsunj2seMatch1.4.2_05sdk
ORsunj2seMatch1.4.2_06sdk
Related
nvd
nvd
CVE-2005-0418
2005-05-02 04:00:00
CVE-2005-0836
2005-05-02 04:00:00
cvelist
cvelist
CVE-2005-0418
2005-03-24 05:00:00
CVE-2005-0836
2005-03-22 05:00:00
cve
cve
CVE-2005-0836
2005-05-02 04:00:00
gentoo
gentoo
Sun Java: Web Start argument injection vulnerability
2005-03-24 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200503-28 (Java)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200503-28 (Java)
2008-09-24 00:00:00
SLES9: Security update for Java2
2009-10-10 00:00:00
nessus
nessus
GLSA-200503-28 : Sun Java: Web Start argument injection vulnerability
2005-03-25 00:00:00
SUSE-SA:2005:032: java2
2005-07-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Sun Java Web Start JNLP File Argument Injection (CVE-2005-0836)
2009-10-04 00:00:00
suse
suse
remote code execution in java2
2005-06-22 12:11:10
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.433 Medium
EPSS
Percentile
97.4%
Related for CVE-2005-0418