CVE-2007-2435 - Vulnerability Details

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Network Satellite Rhel Extras
Sun	Java Enterprise System Jre Sdk

Configuration 1 [-]

OR	cpe:2.3:a:sun:java_enterprise_system::update10::::::*
	cpe:2.3:a:sun:jre::update13::::::*
	cpe:2.3:a:sun:jre::update10::::::*
	cpe:2.3:a:sun:sdk::::::::

Package	CPE	Advisory	Released Date
Extras for RHEL 3
java-1.4.2-ibm-0:1.4.2.9-1jpp.1.el3	cpe:/a:redhat:rhel_extras:3	RHSA-2007:0817	2007-08-06T00:00:00Z
Extras for RHEL 4
java-1.4.2-ibm-0:1.4.2.9-1jpp.1.el4	cpe:/a:redhat:rhel_extras:4	RHSA-2007:0817	2007-08-06T00:00:00Z
java-1.5.0-ibm-1:1.5.0.5-1jpp.2.el4	cpe:/a:redhat:rhel_extras:4	RHSA-2007:0829	2007-08-07T00:00:00Z
Red Hat Network Satellite Server v 4.2
jabberd-0:2.0s10-3.38.rhn	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
jfreechart-0:0.9.20-3.rhn	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
openmotif21-0:2.1.30-11.RHEL4.6	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
perl-Crypt-CBC-0:2.24-1.el4	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
rhn-apache-0:1.3.27-36.rhn.rhel4	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
rhn-modjk-0:1.2.23-2rhn.rhel4	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
rhn-modperl-0:1.29-16.rhel4	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
rhn-modssl-0:2.8.12-8.rhn.10.rhel4	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
tomcat5-0:5.0.30-0jpp_10rh	cpe:/a:redhat:network_satellite:4.2::el4	RHSA-2008:0524	2008-06-30T00:00:00Z
Red Hat Network Satellite Server v 4.2 (RHEL3)
jabberd-0:2.0s10-3.37.rhn	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el3	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
jfreechart-0:0.9.20-3.rhn	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
openmotif21-0:2.1.30-9.RHEL3.8	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
perl-Crypt-CBC-0:2.24-1.el3	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
rhn-apache-0:1.3.27-36.rhn.rhel3	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
rhn-modjk-0:1.2.23-2rhn.rhel3	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
rhn-modperl-0:1.29-16.rhel3	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
rhn-modssl-0:2.8.12-8.rhn.10.rhel3	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
tomcat5-0:5.0.30-0jpp_10rh	cpe:/a:redhat:network_satellite:4.2::el3	RHSA-2008:0524	2008-06-30T00:00:00Z
Red Hat Network Satellite Server v 5.0
jabberd-0:2.0s10-3.38.rhn	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
jfreechart-0:0.9.20-3.rhn	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
openmotif21-0:2.1.30-11.RHEL4.6	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
perl-Crypt-CBC-0:2.24-1.el4	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
rhn-apache-0:1.3.27-36.rhn.rhel4	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
rhn-modjk-0:1.2.23-2rhn.rhel4	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
rhn-modperl-0:1.29-16.rhel4	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
rhn-modssl-0:2.8.12-8.rhn.10.rhel4	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
tomcat5-0:5.0.30-0jpp_10rh	cpe:/a:redhat:network_satellite:5.0:el4	RHSA-2008:0261	2008-05-20T00:00:00Z
Supplementary for Red Hat Enterprise Linux 5
java-1.4.2-ibm-0:1.4.2.9-1jpp.1.el5	cpe:/a:redhat:rhel_extras:5	RHSA-2007:0817	2007-08-06T00:00:00Z
java-1.5.0-ibm-1:1.5.0.5-1jpp.0.1.el5	cpe:/a:redhat:rhel_extras:5	RHSA-2007:0829	2007-08-07T00:00:00Z

References

Link	Providers
http://dev2dev.bea.com/pub/advisory/241
http://docs.info.apple.com/article.html?artnum=307177
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
http://osvdb.org/35483
http://secunia.com/advisories/25069
http://secunia.com/advisories/25283
http://secunia.com/advisories/25413
http://secunia.com/advisories/25474
http://secunia.com/advisories/25832
http://secunia.com/advisories/26311
http://secunia.com/advisories/26369
http://secunia.com/advisories/28115
http://secunia.com/advisories/29858
http://secunia.com/advisories/30780
http://security.gentoo.org/glsa/glsa-200706-08.xml
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1
http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm
http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://www.redhat.com/support/errata/RHSA-2007-0817.html
http://www.redhat.com/support/errata/RHSA-2007-0829.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.securityfocus.com/bid/23728
http://www.securitytracker.com/id?1017986
http://www.vupen.com/english/advisories/2007/1598
http://www.vupen.com/english/advisories/2007/1814
http://www.vupen.com/english/advisories/2007/4224
https://exchange.xforce.ibmcloud.com/vulnerabilities/33984
https://nvd.nist.gov/vuln/detail/CVE-2007-2435
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999
https://www.cve.org/CVERecord?id=CVE-2007-2435

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-02T10:00:00

Updated: 2024-08-07T13:42:33.441Z

Reserved: 2007-05-01T00:00:00

Link: CVE-2007-2435

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-05-02T10:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-2435

Redhat

Severity : Critical

Publid Date: 2007-04-30T00:00:00Z

Links: CVE-2007-2435 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-04-30T00:00:00", "descriptions": [{"lang": "en", "value": "Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://docs.info.apple.com/article.html?artnum=307177"}, {"name": "BEA07-173.00", "tags": ["vendor-advisory", "x_refsource_BEA"], "url": "http://dev2dev.bea.com/pub/advisory/241"}, {"name": "23728", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23728"}, {"name": "ADV-2007-1814", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1814"}, {"name": "26311", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26311"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"}, {"name": "25283", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25283"}, {"name": "35483", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/35483"}, {"name": "GLSA-200705-23", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"}, {"name": "ADV-2007-1598", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1598"}, {"name": "26369", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26369"}, {"name": "25413", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25413"}, {"name": "GLSA-200804-28", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"}, {"name": "29858", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29858"}, {"name": "APPLE-SA-2007-12-14", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"}, {"name": "RHSA-2007:0817", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"}, {"name": "25832", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25832"}, {"name": "ADV-2007-4224", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/4224"}, {"name": "GLSA-200706-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"}, {"name": "102881", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"}, {"name": "javawebstart-classes-privilege-escalation(33984)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"}, {"name": "30780", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30780"}, {"name": "1017986", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017986"}, {"name": "25069", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25069"}, {"name": "28115", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28115"}, {"name": "RHSA-2008:0261", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"name": "25474", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25474"}, {"name": "GLSA-200804-20", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"}, {"name": "GLSA-200806-11", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"}, {"name": "oval:org.mitre.oval:def:10999", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"}, {"name": "RHSA-2007:0829", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2435", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://docs.info.apple.com/article.html?artnum=307177", "refsource": "MISC", "url": "http://docs.info.apple.com/article.html?artnum=307177"}, {"name": "BEA07-173.00", "refsource": "BEA", "url": "http://dev2dev.bea.com/pub/advisory/241"}, {"name": "23728", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23728"}, {"name": "ADV-2007-1814", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1814"}, {"name": "26311", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26311"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"}, {"name": "25283", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25283"}, {"name": "35483", "refsource": "OSVDB", "url": "http://osvdb.org/35483"}, {"name": "GLSA-200705-23", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"}, {"name": "ADV-2007-1598", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1598"}, {"name": "26369", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26369"}, {"name": "25413", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25413"}, {"name": "GLSA-200804-28", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"}, {"name": "29858", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29858"}, {"name": "APPLE-SA-2007-12-14", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"}, {"name": "RHSA-2007:0817", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"}, {"name": "25832", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25832"}, {"name": "ADV-2007-4224", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/4224"}, {"name": "GLSA-200706-08", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"}, {"name": "102881", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"}, {"name": "javawebstart-classes-privilege-escalation(33984)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"}, {"name": "30780", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30780"}, {"name": "1017986", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017986"}, {"name": "25069", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25069"}, {"name": "28115", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28115"}, {"name": "RHSA-2008:0261", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"name": "25474", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25474"}, {"name": "GLSA-200804-20", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"}, {"name": "GLSA-200806-11", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"}, {"name": "oval:org.mitre.oval:def:10999", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"}, {"name": "RHSA-2007:0829", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:42:33.441Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=307177"}, {"name": "BEA07-173.00", "tags": ["vendor-advisory", "x_refsource_BEA", "x_transferred"], "url": "http://dev2dev.bea.com/pub/advisory/241"}, {"name": "23728", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23728"}, {"name": "ADV-2007-1814", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1814"}, {"name": "26311", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26311"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"}, {"name": "25283", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25283"}, {"name": "35483", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/35483"}, {"name": "GLSA-200705-23", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"}, {"name": "ADV-2007-1598", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1598"}, {"name": "26369", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26369"}, {"name": "25413", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25413"}, {"name": "GLSA-200804-28", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"}, {"name": "29858", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29858"}, {"name": "APPLE-SA-2007-12-14", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"}, {"name": "RHSA-2007:0817", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"}, {"name": "25832", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25832"}, {"name": "ADV-2007-4224", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/4224"}, {"name": "GLSA-200706-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"}, {"name": "102881", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"}, {"name": "javawebstart-classes-privilege-escalation(33984)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"}, {"name": "30780", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30780"}, {"name": "1017986", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017986"}, {"name": "25069", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25069"}, {"name": "28115", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28115"}, {"name": "RHSA-2008:0261", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"name": "25474", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25474"}, {"name": "GLSA-200804-20", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"}, {"name": "GLSA-200806-11", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"}, {"name": "oval:org.mitre.oval:def:10999", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"}, {"name": "RHSA-2007:0829", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2435", "datePublished": "2007-05-02T10:00:00", "dateReserved": "2007-05-01T00:00:00", "dateUpdated": "2024-08-07T13:42:33.441Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_enterprise_system:*:update10:*:*:*:*:*:*", "matchCriteriaId": "30914423-2DED-4015-92D2-9B9C5BA1283A", "versionEndIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:*:update13:*:*:*:*:*:*", "matchCriteriaId": "237F087F-53C4-400D-B132-37BBEEA3E03D", "versionEndIncluding": "1.4.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:*:update10:*:*:*:*:*:*", "matchCriteriaId": "1CBCA6F7-38C1-4B08-8E46-4322497B2B54", "versionEndIncluding": "1.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "A25A5A79-1BF1-4EEC-B407-758A9A986188", "versionEndIncluding": "1.4.3_13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."}, {"lang": "es", "value": "Sun Java Web Start en JDK y JRE 5.0 hasta 10 y anteriores, y Java Web Start en SDK y JRE 1.4.2_13 y anteriores, permite a atacantes remotos realizar acciones no autorizadas a trav\u00e9s de una aplicaci\u00f3n que concede privilegios a si mismo, relacionado con \"Uso incorrecto de sistemas de clases\" y probablemente relacionado con el apoyo para ficheros JNLP."}], "evaluatorSolution": "The vendor has addressed this issue through product updates that can be found at: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1", "id": "CVE-2007-2435", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-02T10:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://dev2dev.bea.com/pub/advisory/241"}, {"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=307177"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/35483"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25069"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25283"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25413"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25474"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25832"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/26311"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/26369"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/28115"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29858"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30780"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"}, {"source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/23728"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017986"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/1598"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/1814"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/4224"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dev2dev.bea.com/pub/advisory/241"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=307177"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/35483"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25069"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25283"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25413"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25474"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25832"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26311"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26369"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28115"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30780"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/23728"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017986"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1598"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1814"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/4224"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33984"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2007:0817", "cpe": "cpe:/a:redhat:rhel_extras:3", "package": "java-1.4.2-ibm-0:1.4.2.9-1jpp.1.el3", "product_name": "Extras for RHEL 3", "release_date": "2007-08-06T00:00:00Z"}, {"advisory": "RHSA-2007:0817", "cpe": "cpe:/a:redhat:rhel_extras:4", "package": "java-1.4.2-ibm-0:1.4.2.9-1jpp.1.el4", "product_name": "Extras for RHEL 4", "release_date": "2007-08-06T00:00:00Z"}, {"advisory": "RHSA-2007:0829", "cpe": "cpe:/a:redhat:rhel_extras:4", "package": "java-1.5.0-ibm-1:1.5.0.5-1jpp.2.el4", "product_name": "Extras for RHEL 4", "release_date": "2007-08-07T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "jabberd-0:2.0s10-3.38.rhn", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "jfreechart-0:0.9.20-3.rhn", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "openmotif21-0:2.1.30-11.RHEL4.6", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "perl-Crypt-CBC-0:2.24-1.el4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "rhn-apache-0:1.3.27-36.rhn.rhel4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "rhn-modjk-0:1.2.23-2rhn.rhel4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "rhn-modperl-0:1.29-16.rhel4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "rhn-modssl-0:2.8.12-8.rhn.10.rhel4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "tomcat5-0:5.0.30-0jpp_10rh", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "jabberd-0:2.0s10-3.37.rhn", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "jfreechart-0:0.9.20-3.rhn", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "openmotif21-0:2.1.30-9.RHEL3.8", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "perl-Crypt-CBC-0:2.24-1.el3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "rhn-apache-0:1.3.27-36.rhn.rhel3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "rhn-modjk-0:1.2.23-2rhn.rhel3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "rhn-modperl-0:1.29-16.rhel3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "rhn-modssl-0:2.8.12-8.rhn.10.rhel3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "tomcat5-0:5.0.30-0jpp_10rh", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "jabberd-0:2.0s10-3.38.rhn", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "jfreechart-0:0.9.20-3.rhn", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "openmotif21-0:2.1.30-11.RHEL4.6", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "perl-Crypt-CBC-0:2.24-1.el4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "rhn-apache-0:1.3.27-36.rhn.rhel4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "rhn-modjk-0:1.2.23-2rhn.rhel4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "rhn-modperl-0:1.29-16.rhel4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "rhn-modssl-0:2.8.12-8.rhn.10.rhel4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "tomcat5-0:5.0.30-0jpp_10rh", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2007:0817", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.4.2-ibm-0:1.4.2.9-1jpp.1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2007-08-06T00:00:00Z"}, {"advisory": "RHSA-2007:0829", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.5.0-ibm-1:1.5.0.5-1jpp.0.1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2007-08-07T00:00:00Z"}], "bugzilla": {"description": "javaws vulnerabilities", "id": "239660", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=239660"}, "csaw": false, "details": ["Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to \"Incorrect Use of System Classes\" and probably related to support for JNLP files."], "name": "CVE-2007-2435", "public_date": "2007-04-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-2435\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-2435"], "threat_severity": "Critical"}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object