CVE-2007-5237 — Vulnetix

Try Vulnetix Request Demo

CVE-2007-5237 PUBLISHED CVSS 7.099999904632568 HIGH

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka "two vulnerabilities."

EPSS 1.07% · 77.6th percentile

Risk Scores

CVSS v2.0

7.099999904632568

EPSS Score

1.07%

77.6th percentile

Affected Products

Vendor	Product	Versions
sun	jdk	0
n/a	n/a	n/a
sun	jre	0, 0

Timeline

Oct 6, 2007 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

ADV-2007-3895 vdb
30676 third-party-advisory
29042 third-party-advisory
oval:org.mitre.oval:def:5899 vdb
27693 third-party-advisory
SUSE-SA:2007:055 vendor-advisory
javaweb-cache-information-disclosure(36946) vdb
GLSA-200804-28 vendor-advisory
HPSBUX02284 vendor-advisory
29858 third-party-advisory
ADV-2008-0609 vdb
27261 third-party-advisory
BEA08-198.00 vendor-advisory
30780 third-party-advisory
25920 vdb
ADV-2008-1856 vdb
http://www.vmware.com/security/advisories/VMSA-2008-0010.html url
103073 vendor-advisory
1018770 vdb
GLSA-200804-20 vendor-advisory

…and 2 more

Open in Interactive Console →