Lucene search

K
cve[email protected]CVE-2007-0012
HistoryJan 09, 2008 - 11:46 p.m.

CVE-2007-0012

2008-01-0923:46:00
CWE-20
web.nvd.nist.gov
55
sun
jre 5.0
update 14
null pointer dereference
denial of service
cve-2007-0012

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.4%

Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a NULL pointer dereference in jpiexp32.dll when the applet is decoded and passed to the JVM.

Affected configurations

NVD
Node
sunjreRange1.5.0update10
OR
sunjreRange1.5.0update11
OR
sunjreRange1.5.0update12
OR
sunjreRange1.5.0update13
OR
sunjreRange1.5.0update7
OR
sunjreRange1.5.0update8
OR
sunjreRange1.5.0update9
CPENameOperatorVersion
sun:jresun jrele1.5.0

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.4%