CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
91.2%
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web
Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to
perform unauthorized actions via an application that grants privileges to
itself, related to “Incorrect Use of System Classes” and probably related
to support for JNLP files.