Lucene search

K
ubuntucveUbuntu.comUB:CVE-2007-2435
HistoryMay 02, 2007 - 12:00 a.m.

CVE-2007-2435

2007-05-0200:00:00
ubuntu.com
ubuntu.com
26

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.032

Percentile

91.2%

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web
Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to
perform unauthorized actions via an application that grants privileges to
itself, related to “Incorrect Use of System Classes” and probably related
to support for JNLP files.

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.032

Percentile

91.2%