CVE Vulnerabilities

CVE-2007-5236

Published: Oct 06, 2007 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.4 MEDIUM
AV:N/AC:H/Au:N/C:C/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
LOW

Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted application.

Affected Software

Name Vendor Start Version End Version
Jdk Sun 1.5.0-update1 (including) 1.5.0-update1 (including)
Jdk Sun 1.5.0-update10 (including) 1.5.0-update10 (including)
Jdk Sun 1.5.0-update11 (including) 1.5.0-update11 (including)
Jdk Sun 1.5.0-update12 (including) 1.5.0-update12 (including)
Jdk Sun 1.5.0-update2 (including) 1.5.0-update2 (including)
Jdk Sun 1.5.0-update3 (including) 1.5.0-update3 (including)
Jdk Sun 1.5.0-update4 (including) 1.5.0-update4 (including)
Jdk Sun 1.5.0-update5 (including) 1.5.0-update5 (including)
Jdk Sun 1.5.0-update7 (including) 1.5.0-update7 (including)
Jdk Sun 1.5.0-update8 (including) 1.5.0-update8 (including)
Jdk Sun 1.5.0-update9 (including) 1.5.0-update9 (including)
Jre Sun 1.4.2 (including) 1.4.2 (including)
Jre Sun 1.4.2_1 (including) 1.4.2_1 (including)
Jre Sun 1.4.2_2 (including) 1.4.2_2 (including)
Jre Sun 1.4.2_3 (including) 1.4.2_3 (including)
Jre Sun 1.4.2_4 (including) 1.4.2_4 (including)
Jre Sun 1.4.2_5 (including) 1.4.2_5 (including)
Jre Sun 1.4.2_6 (including) 1.4.2_6 (including)
Jre Sun 1.4.2_7 (including) 1.4.2_7 (including)
Jre Sun 1.4.2_8 (including) 1.4.2_8 (including)
Jre Sun 1.4.2_9 (including) 1.4.2_9 (including)
Jre Sun 1.4.2_10 (including) 1.4.2_10 (including)
Jre Sun 1.4.2_11 (including) 1.4.2_11 (including)
Jre Sun 1.4.2_12 (including) 1.4.2_12 (including)
Jre Sun 1.4.2_13 (including) 1.4.2_13 (including)
Jre Sun 1.4.2_14 (including) 1.4.2_14 (including)
Jre Sun 1.4.2_15 (including) 1.4.2_15 (including)
Jre Sun 1.4.2_21 (including) 1.4.2_21 (including)
Jre Sun 1.5.0-update1 (including) 1.5.0-update1 (including)
Jre Sun 1.5.0-update10 (including) 1.5.0-update10 (including)
Jre Sun 1.5.0-update11 (including) 1.5.0-update11 (including)
Jre Sun 1.5.0-update12 (including) 1.5.0-update12 (including)
Jre Sun 1.5.0-update2 (including) 1.5.0-update2 (including)
Jre Sun 1.5.0-update3 (including) 1.5.0-update3 (including)
Jre Sun 1.5.0-update4 (including) 1.5.0-update4 (including)
Jre Sun 1.5.0-update5 (including) 1.5.0-update5 (including)
Jre Sun 1.5.0-update6 (including) 1.5.0-update6 (including)
Jre Sun 1.5.0-update7 (including) 1.5.0-update7 (including)
Jre Sun 1.5.0-update8 (including) 1.5.0-update8 (including)
Jre Sun 1.5.0-update9 (including) 1.5.0-update9 (including)
Sdk Sun 1.4.2_03 (including) 1.4.2_03 (including)
Sdk Sun 1.4.2_08 (including) 1.4.2_08 (including)
Sdk Sun 1.4.2_09 (including) 1.4.2_09 (including)
Sdk Sun 1.4.2_10 (including) 1.4.2_10 (including)
Sdk Sun 1.4.2_11 (including) 1.4.2_11 (including)
Sdk Sun 1.4.2_12 (including) 1.4.2_12 (including)
Sdk Sun 1.4.2_13 (including) 1.4.2_13 (including)
Sdk Sun 1.4.2_14 (including) 1.4.2_14 (including)
Sdk Sun 1.4.2_15 (including) 1.4.2_15 (including)
Sun-java5 Ubuntu dapper *
Sun-java5 Ubuntu edgy *
Sun-java5 Ubuntu feisty *
Sun-java5 Ubuntu gutsy *
Sun-java5 Ubuntu hardy *
Sun-java5 Ubuntu intrepid *
Sun-java5 Ubuntu jaunty *
Sun-java5 Ubuntu upstream *

References