CVE-2007-5689 — JDK vulnerability

5 documents5 sources

Severity

10.0CRITICALNVD

EPSS

9.8%

top 7.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN JDK SUN JRE SUN SDK

Timeline

PublishedOct 29

Latest updateMay 1

Description

The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDsun/jdk1.6.0+2

▶NVDsun/jre1.3.1+18

▶NVDsun/sdk1.4.2_15+15

Patches

Patch: secunia.com ↗Patch: sunsolve.sun.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-83vr-hv42-q4v5: The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1↗2022-05-01

▶

CVEList

CVE-2007-5689: The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1↗2007-10-29

▶

📋Vendor Advisories

Red Hat

java-jre: Applet Privilege Escalation↗2007-10-23

▶

💬Community

Bugzilla

CVE-2007-5689 java-jre: Applet Privilege Escalation↗2007-11-02

▶