Lucene search

K
cve[email protected]CVE-2007-5236
HistoryOct 06, 2007 - 12:17 a.m.

CVE-2007-5236

2007-10-0600:17:00
CWE-264
web.nvd.nist.gov
25
cve-2007-5236
java
web start
sun jdk
jre
windows
access restrictions
untrusted applications
remote attackers
nvd
vulnerability

6.1 Medium

AI Score

Confidence

Low

5.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:C/I:N/A:N

0.004 Low

EPSS

Percentile

74.6%

Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted application.

References

6.1 Medium

AI Score

Confidence

Low

5.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:C/I:N/A:N

0.004 Low

EPSS

Percentile

74.6%

Related for CVE-2007-5236