CVE-2007-2435

N/A Unknown
Published: May 02, 2007 Modified: April 23, 2026
View on NVD

Description

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://dev2dev.bea.com/pub/advisory/241
Source: cve@mitre.org
http://docs.info.apple.com/article.html?artnum=307177
Source: cve@mitre.org
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
Source: cve@mitre.org
http://osvdb.org/35483
Source: cve@mitre.org
http://secunia.com/advisories/25069
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/25283
Source: cve@mitre.org
http://secunia.com/advisories/25413
Source: cve@mitre.org
http://secunia.com/advisories/25474
Source: cve@mitre.org
http://secunia.com/advisories/25832
Source: cve@mitre.org
http://secunia.com/advisories/26311
Source: cve@mitre.org
http://secunia.com/advisories/26369
Source: cve@mitre.org
http://secunia.com/advisories/28115
Source: cve@mitre.org
http://secunia.com/advisories/29858
Source: cve@mitre.org
http://secunia.com/advisories/30780
Source: cve@mitre.org
http://security.gentoo.org/glsa/glsa-200706-08.xml
Source: cve@mitre.org
http://security.gentoo.org/glsa/glsa-200804-28.xml
Source: cve@mitre.org
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1
Source: cve@mitre.org
Patch Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm
Source: cve@mitre.org
http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml
Source: cve@mitre.org
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
Source: cve@mitre.org
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2007-0817.html
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2007-0829.html
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2008-0261.html
Source: cve@mitre.org
http://www.securityfocus.com/bid/23728
Source: cve@mitre.org
Patch
http://www.securitytracker.com/id?1017986
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2007/1598
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2007/1814
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2007/4224
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/33984
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999
Source: cve@mitre.org
http://dev2dev.bea.com/pub/advisory/241
Source: af854a3a-2127-422b-91ae-364da2661108
http://docs.info.apple.com/article.html?artnum=307177
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://osvdb.org/35483
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25069
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/25283
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25413
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25474
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25832
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26311
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26369
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/28115
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29858
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30780
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200706-08.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200804-28.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0817.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0829.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2008-0261.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/23728
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securitytracker.com/id?1017986
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/1598
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/1814
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/4224
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/33984
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999
Source: af854a3a-2127-422b-91ae-364da2661108

62 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
3.7%
88th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-264

Affected Vendors

sun

Related CVEs

CVE-2026-8657 8.2
CVE-2026-8656 6.1
CVE-2026-8681 5.3
CVE-2026-8704 N/A
CVE-2026-8700 N/A