Unrated severityNVD Advisory· Published May 2, 2007· Updated Apr 23, 2026
CVE-2007-2435
CVE-2007-2435
Description
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
Affected products
4- cpe:2.3:a:sun:java_enterprise_system:*:update10:*:*:*:*:*:*Range: <=5.0
cpe:2.3:a:sun:jre:*:update10:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sun:jre:*:update10:*:*:*:*:*:*range: <=1.5.0
- cpe:2.3:a:sun:jre:*:update13:*:*:*:*:*:*range: <=1.4.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
31- secunia.com/advisories/25069nvdPatchVendor Advisory
- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
- www.securityfocus.com/bid/23728nvdPatch
- dev2dev.bea.com/pub/advisory/241nvd
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/Security-announce/2007/Dec/msg00001.htmlnvd
- osvdb.org/35483nvd
- secunia.com/advisories/25283nvd
- secunia.com/advisories/25413nvd
- secunia.com/advisories/25474nvd
- secunia.com/advisories/25832nvd
- secunia.com/advisories/26311nvd
- secunia.com/advisories/26369nvd
- secunia.com/advisories/28115nvd
- secunia.com/advisories/29858nvd
- secunia.com/advisories/30780nvd
- security.gentoo.org/glsa/glsa-200706-08.xmlnvd
- security.gentoo.org/glsa/glsa-200804-28.xmlnvd
- support.avaya.com/elmodocs2/security/ASA-2007-199.htmnvd
- www.gentoo.org/security/en/glsa/glsa-200705-23.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200804-20.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200806-11.xmlnvd
- www.redhat.com/support/errata/RHSA-2007-0817.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-0829.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0261.htmlnvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/1598nvd
- www.vupen.com/english/advisories/2007/1814nvd
- www.vupen.com/english/advisories/2007/4224nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/33984nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999nvd
News mentions
0No linked articles in our index yet.