CVE-2005-0836

3 documents3 sources

Severity

10.0CRITICAL

EPSS

2.4%

top 15.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN J2se

Timeline

PublishedMay 2

Latest updateMay 1

Description

Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDsun/j2se7 versions+6

Patches

Patch: www.gentoo.org ↗Patch: www.securityfocus.com ↗Patch: www.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-cm9f-c35v-2642: Argument injection vulnerability in Java Web Start for J2SE 1↗2022-05-01

▶

CVEList

CVE-2005-0836: Argument injection vulnerability in Java Web Start for J2SE 1↗2005-03-22

▶