|Category:||Access Control Error|
CVE-2004-0687, CVE-2004-0688, CVE-2004-0885, CVE-2004-0914, CVE-2005-0605, CVE-2005-2090, CVE-2005-3510, CVE-2005-3964, CVE-2005-4838, CVE-2006-0254, CVE-2006-0898, CVE-2006-1329, CVE-2006-3835, CVE-2006-4339, CVE-2006-5752, CVE-2006-6731, CVE-2006-6736, CVE-2006-6745, CVE-2006-7195, CVE-2006-7196, CVE-2006-7197, CVE-2007-0243, CVE-2007-0450, CVE-2007-1349, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-2449, CVE-2007-2450, CVE-2007-2788, CVE-2007-2789, CVE-2007-3004, CVE-2007-3005, CVE-2007-3304, CVE-2007-3382, CVE-2007-3385, CVE-2007-3503, CVE-2007-3504, CVE-2007-3655, CVE-2007-3698, CVE-2007-3922, CVE-2007-4381, CVE-2007-4465, CVE-2007-5000, CVE-2007-5232, CVE-2007-5461, CVE-2007-5862, CVE-2007-5961, CVE-2007-6306, CVE-2007-6388, CVE-2008-0128
Published on 02/05/07 - Updated on 11/10/17
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.
CWE-264 (Permissions, Privileges, and Access Control)
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
|CERTA-2007-AVI-238, CERTA-2007-AVI-348, CERTA-2007-AVI-546|
No exploits available for this CVE in our database.