Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4381

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-4381
Last Modified 07 Mar 2011 09:58:28
Published 17 Aug 2007 05:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4381

Summary

Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself.

Vulnerable Systems

Application

  • Sun Jdk 1.5.0

  • Sun Jre 1.4.2

  • Sun Sdk 1.4.2 14


References

VUPEN - ADV-2007-4224

VUPEN - ADV-2007-3009

VUPEN - ADV-2007-2910

SUNALERT - 103024

XF - sun-java-font-privilege-escalation(36061)

SECTRACK - 1018576

BID - 25340

REDHAT - RHSA-2008:0132

REDHAT - RHSA-2008:0100

REDHAT - RHSA-2007:1086

REDHAT - RHSA-2007:0956

GENTOO - GLSA-200709-15

CONFIRM - http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html

SECUNIA - 29897

SECUNIA - 29340

SECUNIA - 28880

SECUNIA - 28777

SECUNIA - 28115

SECUNIA - 28056

SECUNIA - 27716

SECUNIA - 27203

SECUNIA - 26933

SECUNIA - 26631

SECUNIA - 26402

SUSE - SUSE-SA:2008:025

APPLE - APPLE-SA-2007-12-14

MISC - http://docs.info.apple.com/article.html?artnum=307177

BEA - BEA07-177.00

Related Patches

Apple 2007-12-13 Java for Mac OS X 10.4 Release 6


Last Updated: 27 May 2016 10:45:50