Lucene search

PRIOn knowledge basePRION:CVE-2007-5238

HistoryOct 06, 2007 - 12:17 a.m.

Design/Logic Flaw

2007-10-0600:17:00

PRIOn knowledge base

www.prio-n.com

5.9 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.0%

JSON

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka “three vulnerabilities.”

CPENameOperatorVersion
jdkeq1.5.0 update3
jdkeq1.5.0 update11
jdkeq1.5.0 update9
jdkeq1.6.0 update2
jdkeq1.5.0 update1
jdkeq1.5.0 update4
jdkeq1.6.0 update1
jdkeq1.5.0 update7
jdkeq1.5.0 update12
jdkeq1.5.0 update5

Name	Operator	Version
jdk	eq	1.5.0 update3
jdk	eq	1.5.0 update11
jdk	eq	1.5.0 update9
jdk	eq	1.6.0 update2
jdk	eq	1.5.0 update1
jdk	eq	1.5.0 update4
jdk	eq	1.6.0 update1
jdk	eq	1.5.0 update7
jdk	eq	1.5.0 update12
jdk	eq	1.5.0 update5

Rows per page:

1-10 of 641

References

dev2dev.bea.com/pub/advisory/272

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533

lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

secunia.com/advisories/27206

secunia.com/advisories/27261

secunia.com/advisories/27693

secunia.com/advisories/27716

secunia.com/advisories/27804

secunia.com/advisories/28777

secunia.com/advisories/28880

secunia.com/advisories/29042

secunia.com/advisories/29858

secunia.com/advisories/29897

secunia.com/advisories/30676

secunia.com/advisories/30780

security.gentoo.org/glsa/glsa-200804-28.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1

support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html

www.gentoo.org/security/en/glsa/glsa-200804-20.xml

www.gentoo.org/security/en/glsa/glsa-200806-11.xml

www.novell.com/linux/security/advisories/2007_55_java.html

www.redhat.com/support/errata/RHSA-2007-0963.html

www.redhat.com/support/errata/RHSA-2007-1041.html

www.redhat.com/support/errata/RHSA-2008-0132.html

www.securityfocus.com/archive/1/482926/100/0/threaded

www.securityfocus.com/bid/25920

www.securitytracker.com/id?1018770

www.vmware.com/security/advisories/VMSA-2008-0010.html

www.vupen.com/english/advisories/2007/3895

www.vupen.com/english/advisories/2008/0609

www.vupen.com/english/advisories/2008/1856/references

exchange.xforce.ibmcloud.com/vulnerabilities/36946

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11592

5.9 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.0%

JSON

Related for PRION:CVE-2007-5238