← Back

CVE-2007-5236

nvd nist
Published: Oct 6, 2007Modified: Apr 23, 2026

JSON object

Loading...
5.4
Vector
AV:N/AC:H/Au:N/C:C/I:N/A:N
Exploitability: 4.9 / Impact: 6.9
Source: NVD

Description

Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted application.

Affected (49)

Products: Sun: Jdk, Jre, Sdk
Sun
3 products
Jdk
Jre
Sdk
Configuration A
49 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Jdk
Version 1.5.0 update10
Jdk
Version 1.5.0 update11
Jdk
Version 1.5.0 update12
Jdk
Version 1.5.0 update1
Jdk
Version 1.5.0 update2
Jdk
Version 1.5.0 update3
Jdk
Version 1.5.0 update4
Jdk
Version 1.5.0 update5
Jdk
Version 1.5.0 update7
Jdk
Version 1.5.0 update8
Jdk
Version 1.5.0 update9
Sun
Jre
Version 1.4.2
Jre
Version 1.4.2_10
Jre
Version 1.4.2_11
Jre
Version 1.4.2_12
Jre
Version 1.4.2_13
Jre
Version 1.4.2_14
Jre
Version 1.4.2_15
Jre
Version 1.4.2_1
Jre
Version 1.4.2_21
Jre
Version 1.4.2_2
Jre
Version 1.4.2_3
Jre
Version 1.4.2_4
Jre
Version 1.4.2_5
Jre
Version 1.4.2_6
Jre
Version 1.4.2_7
Jre
Version 1.4.2_8
Jre
Version 1.4.2_9
Jre
Version 1.5.0 update10
Jre
Version 1.5.0 update11
Jre
Version 1.5.0 update12
Jre
Version 1.5.0 update1
Jre
Version 1.5.0 update2
Jre
Version 1.5.0 update3
Jre
Version 1.5.0 update4
Jre
Version 1.5.0 update5
Jre
Version 1.5.0 update6
Jre
Version 1.5.0 update7
Jre
Version 1.5.0 update8
Jre
Version 1.5.0 update9
Sun
Sdk
Version 1.4.2_03
Sdk
Version 1.4.2_08
Sdk
Version 1.4.2_09
Sdk
Version 1.4.2_10
Sdk
Version 1.4.2_11
Sdk
Version 1.4.2_12
Sdk
Version 1.4.2_13
Sdk
Version 1.4.2_14
Sdk
Version 1.4.2_15

Related CWEs

CWE-264
CWE-264

References (40)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.