Lucene search

PRIOn knowledge basePRION:CVE-2007-5239

HistoryOct 06, 2007 - 12:17 a.m.

Code injection

2007-10-0600:17:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.4%

JSON

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.

CPENameOperatorVersion
jdkeq1.5.0 update3
jdkeq1.5.0 update11
jdkeq1.5.0 update9
jdkeq1.6.0 update2
jdkeq1.5.0 update1
jdkeq1.5.0 update4
jdkeq1.6.0 update1
jdkeq1.5.0 update7
jdkeq1.5.0 update12
jdkeq1.5.0 update5

Name	Operator	Version
jdk	eq	1.5.0 update3
jdk	eq	1.5.0 update11
jdk	eq	1.5.0 update9
jdk	eq	1.6.0 update2
jdk	eq	1.5.0 update1
jdk	eq	1.5.0 update4
jdk	eq	1.6.0 update1
jdk	eq	1.5.0 update7
jdk	eq	1.5.0 update12
jdk	eq	1.5.0 update5

Rows per page:

1-10 of 641

References

dev2dev.bea.com/pub/advisory/272

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533

lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html

secunia.com/advisories/27206

secunia.com/advisories/27261

secunia.com/advisories/27693

secunia.com/advisories/27716

secunia.com/advisories/27804

secunia.com/advisories/28777

secunia.com/advisories/28880

secunia.com/advisories/29042

secunia.com/advisories/29214

secunia.com/advisories/29340

secunia.com/advisories/29858

secunia.com/advisories/29897

secunia.com/advisories/30676

secunia.com/advisories/30780

security.gentoo.org/glsa/glsa-200804-28.xml

securitytracker.com/id?1018814

sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1

support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html

www.gentoo.org/security/en/glsa/glsa-200804-20.xml

www.gentoo.org/security/en/glsa/glsa-200806-11.xml

www.novell.com/linux/security/advisories/2007_55_java.html

www.redhat.com/support/errata/RHSA-2007-0963.html

www.redhat.com/support/errata/RHSA-2007-1041.html

www.redhat.com/support/errata/RHSA-2008-0100.html

www.redhat.com/support/errata/RHSA-2008-0132.html

www.redhat.com/support/errata/RHSA-2008-0156.html

www.securityfocus.com/archive/1/482926/100/0/threaded

www.vmware.com/security/advisories/VMSA-2008-0010.html

www.vupen.com/english/advisories/2007/3895

www.vupen.com/english/advisories/2008/0609

www.vupen.com/english/advisories/2008/1856/references

exchange.xforce.ibmcloud.com/vulnerabilities/36950

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8758

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.4%

JSON

Related for PRION:CVE-2007-5239