CVE-2002-2005

CWE-239 CWE-281 CWE-42 CWE-43924 documents7 sources

Severity

7.5HIGH

EPSS

0.7%

top 27.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Java WEB Start

Timeline

PublishedDec 31

Latest updateApr 30

Description

Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsun/java_web_start1.0, 1.0.1, 1.0.1_01+2

Patches

Patch: archives.neohapsis.com ↗Patch: cert.uni-stuttgart.de ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-25q4-mg92-89j6: Unknown vulnerability in Java web start 1↗2022-04-30

▶

CVEList

CVE-2002-2005: Unknown vulnerability in Java web start 1↗2005-07-14

▶

💥Exploits & PoCs

Exploit-DB

SCO Unixware 7.1.3 - 'ptrace' Local Privilege Escalation↗2006-02-26

▶

Exploit-DB

Microsoft Excel 95/97/2000/2002/2003/2004 - Malformed Range Memory Corruption↗2005-12-08

▶

Exploit-DB

Mambo 4.5.2.1 - Fetch Password Hash↗2005-06-15

▶

Exploit-DB

Microsoft Jet Database - 'msjet40.dll' Code Execution (Reverse Shell) (2)↗2005-04-22

▶

Exploit-DB

Microsoft Jet Database - 'msjet40.dll' DB File Buffer Overflow↗2005-04-11

▶

📋Vendor Advisories

Red Hat

tar archive path traversal issue↗2003-07-21

▶

📐Framework References

CWE

Failure to Handle Incomplete Element↗

▶

CWE

Improper Preservation of Permissions

▶

CWE

Path Equivalence: 'filename.' (Trailing Dot)↗

▶

CWE

Behavioral Change in New Version or Environment↗

▶

💬Community

Bugzilla

A number of tomcat issues↗2007-05-09

▶

Bugzilla

Multiple tar issues (CVE-2005-1918, CVE-2006-0300)↗2006-03-02

▶

Bugzilla

CVE-2002-2185 IGMP DoS (ipf)↗2005-12-02

▶

Bugzilla

CVE-2002-2185 IGMP DoS↗2005-12-02

▶

Bugzilla

CVE-2002-2185 IGMP DoS↗2005-12-02

▶