CVE-2007-5239: CVE-2007-5239

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-5239

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Sun JDK和JRE Java Web Start权限许可和访问控制漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Sun JDK和JRE 6 Update 2版本及其早期版本, JDK和JRE 5.0 Update 12版本及其早期版本, SDK和JRE 1.4.2_15版本及其早期版本,以及SDK和JRE 1.3.1_20版本及其早期版本的的Java Web Start不能正确执行对以下不被信任的文件限制：(1)应用程序以及(2) applets,当本地用户执行drag-and-drop操作不被信任的应用程序或desktop应用程序的特定类型的applet window时，用户协助式的远程攻击者可以复制或重命名任

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-5239

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-5239

Please Login to view more intelligence information

http://www.vmware.com/security/advisories/VMSA-2008-0010.htmlx_refsource_CONFIRM
http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.htmlx_refsource_CONFIRM
http://secunia.com/advisories/30780third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29897third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29214third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27206third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30676third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29042third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29858third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29340third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27693third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27804third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28880third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27261third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27716third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28777third-party-advisoryx_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1vendor-advisoryx_refsource_SUNALERT
http://securitytracker.com/id?1018814vdb-entryx_refsource_SECTRACK
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533vendor-advisoryx_refsource_HP
http://dev2dev.bea.com/pub/advisory/272vendor-advisoryx_refsource_BEA
http://www.vupen.com/english/advisories/2007/3895vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/1856/referencesvdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/0609vdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2007-0963.htmlvendor-advisoryx_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200804-28.xmlvendor-advisoryx_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2008-0156.htmlvendor-advisoryx_refsource_REDHAT
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xmlvendor-advisoryx_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2007-1041.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2008-0132.htmlvendor-advisoryx_refsource_REDHAT
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xmlvendor-advisoryx_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2008-0100.htmlvendor-advisoryx_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2007_55_java.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.htmlvendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8758vdb-entrysignaturex_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/36950vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/482926/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-5239

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2007-5239

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2007-5239

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-5239

III. Intelligence Information for CVE-2007-5239

New Vulnerabilities

V. Comments for CVE-2007-5239

Leave a comment