← Back

CVE-2007-5238

nvd nist
Published: Oct 6, 2007Modified: Apr 23, 2026

JSON object

Loading...
2.6
Vector
AV:N/AC:H/Au:N/C:P/I:N/A:N
Exploitability: 4.9 / Impact: 2.9
Source: NVD

Description

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka "three vulnerabilities."

Affected (64)

Products: Sun: Jdk, Jre, Sdk
Sun
3 products
Jdk
Jre
Sdk
Configuration A
64 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Jdk
Version 1.5.0 update10
Jdk
Version 1.5.0 update11
Jdk
Version 1.5.0 update12
Jdk
Version 1.5.0 update1
Jdk
Version 1.5.0 update2
Jdk
Version 1.5.0 update3
Jdk
Version 1.5.0 update4
Jdk
Version 1.5.0 update5
Jdk
Version 1.5.0 update7
Jdk
Version 1.5.0 update8
Jdk
Version 1.5.0 update9
Jdk
Version 1.6.0 update1
Jdk
Version 1.6.0 update2
Sun
Jre
Version 1.3.0
Jre
Version 1.3.0 update5
Jre
Version 1.3.1 update16
Jre
Version 1.3.1 update18
Jre
Version 1.3.1 update19
Jre
Version 1.3.1 update1
Jre
Version 1.3.1 update1a
Jre
Version 1.3.1 update20
Jre
Version 1.4.1 update3
Jre
Version 1.4.2
Jre
Version 1.4.2_10
Jre
Version 1.4.2_11
Jre
Version 1.4.2_12
Jre
Version 1.4.2_13
Jre
Version 1.4.2_14
Jre
Version 1.4.2_15
Jre
Version 1.4.2_1
Jre
Version 1.4.2_3
Jre
Version 1.4.2_8
Jre
Version 1.4.2_9
Jre
Version 1.4
Jre
Version 1.5.0 update10
Jre
Version 1.5.0 update11
Jre
Version 1.5.0 update12
Jre
Version 1.5.0 update1
Jre
Version 1.5.0 update2
Jre
Version 1.5.0 update3
Jre
Version 1.5.0 update4
Jre
Version 1.5.0 update5
Jre
Version 1.5.0 update6
Jre
Version 1.5.0 update7
Jre
Version 1.5.0 update8
Jre
Version 1.5.0 update9
Jre
Version 1.6.0 update_1
Jre
Version 1.6.0 update_2
Sun
Sdk
Version 1.3.1_01
Sdk
Version 1.3.1_01a
Sdk
Version 1.3.1_16
Sdk
Version 1.3.1_18
Sdk
Version 1.3.1_19
Sdk
Version 1.3.1_20
Sdk
Version 1.4.2
Sdk
Version 1.4.2_03
Sdk
Version 1.4.2_08
Sdk
Version 1.4.2_09
Sdk
Version 1.4.2_10
Sdk
Version 1.4.2_11
Sdk
Version 1.4.2_12
Sdk
Version 1.4.2_13
Sdk
Version 1.4.2_14
Sdk
Version 1.4.2_15

Related CWEs

CWE-264
CWE-264

References (66)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.