Privilege Escalation Vulnerability in Sun Java Web Start Software
CVE-2007-2435

Currently unrated

Key Information:

Vendor: Oracle
Status: Sdk; Jre; Java Enterprise System
Vendor: CVE Published:; 2 May 2007

What is CVE-2007-2435?

The vulnerability in Sun Java Web Start allows attackers to exploit the software's handling of JNLP files, leading to unauthorized actions. This is due to incorrect usage of system classes, enabling remote attackers to escalate their privileges undetected. Organizations should promptly address this vulnerability to prevent potential exploitation.

References

http://docs.info.apple.com/article.html?artnum=307177

x_refsource_MISC

http://dev2dev.bea.com/pub/advisory/241

vendor-advisoryx_refsource_BEA

http://www.securityfocus.com/bid/23728

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2007
Vulnerability Reserved
May 1, 2007

Oracle

What is CVE-2007-2435?

References

Timeline