Unrated severityNVD Advisory· Published May 2, 2007· Updated Jun 16, 2026
CVE-2007-2435
CVE-2007-2435
Description
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- cpe:2.3:a:sun:java_enterprise_system:*:update10:*:*:*:*:*:*Range: <=5.0
cpe:2.3:a:sun:jre:*:update10:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sun:jre:*:update10:*:*:*:*:*:*range: <=1.5.0
- cpe:2.3:a:sun:jre:*:update13:*:*:*:*:*:*range: <=1.4.2
- Range: 5.0 Update 10 and earlier, 1.4.2_13 and earlier
Patches
Vulnerability mechanics
References
31- secunia.com/advisories/25069nvdPatchVendor Advisory
- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
- www.securityfocus.com/bid/23728nvdPatch
- dev2dev.bea.com/pub/advisory/241nvd
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/Security-announce/2007/Dec/msg00001.htmlnvd
- osvdb.org/35483nvd
- secunia.com/advisories/25283nvd
- secunia.com/advisories/25413nvd
- secunia.com/advisories/25474nvd
- secunia.com/advisories/25832nvd
- secunia.com/advisories/26311nvd
- secunia.com/advisories/26369nvd
- secunia.com/advisories/28115nvd
- secunia.com/advisories/29858nvd
- secunia.com/advisories/30780nvd
- security.gentoo.org/glsa/glsa-200706-08.xmlnvd
- security.gentoo.org/glsa/glsa-200804-28.xmlnvd
- support.avaya.com/elmodocs2/security/ASA-2007-199.htmnvd
- www.gentoo.org/security/en/glsa/glsa-200705-23.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200804-20.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200806-11.xmlnvd
- www.redhat.com/support/errata/RHSA-2007-0817.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-0829.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0261.htmlnvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/1598nvd
- www.vupen.com/english/advisories/2007/1814nvd
- www.vupen.com/english/advisories/2007/4224nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/33984nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999nvd
News mentions
0No linked articles in our index yet.