National Cyber Awareness System

Vulnerability Summary for CVE-2007-5689

Overview

The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: SUNALERT

Name: 103112

Type: Patch Information

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1

External Source: SECUNIA

Name: 27320

Type: Advisory; Patch Information

Hyperlink:http://secunia.com/advisories/27320

External Source: VUPEN

Name: ADV-2008-1856

Hyperlink:http://www.vupen.com/english/advisories/2008/1856/references

External Source: VUPEN

Name: ADV-2008-0609

Hyperlink:http://www.vupen.com/english/advisories/2008/0609

External Source: VUPEN

Name: ADV-2007-3895

Hyperlink:http://www.vupen.com/english/advisories/2007/3895

External Source: VUPEN

Name: ADV-2007-3589

Hyperlink:http://www.vupen.com/english/advisories/2007/3589

External Source: CONFIRM

Name: http://www.vmware.com/security/advisories/VMSA-2008-0010.html

Hyperlink:http://www.vmware.com/security/advisories/VMSA-2008-0010.html

External Source: GENTOO

Name: GLSA-200806-11

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml

External Source: SECUNIA

Name: 30780

Hyperlink:http://secunia.com/advisories/30780

External Source: SECUNIA

Name: 30676

Hyperlink:http://secunia.com/advisories/30676

External Source: OVAL

Name: oval:org.mitre.oval:def:9898

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9898

External Source: OSVDB

Name: 40834

Hyperlink:http://osvdb.org/40834

External Source: HP

Name: HPSBUX02284

Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533

External Source: HP

Name: HPSBUX02284

Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533

External Source: SECTRACK

Name: 1018847

Hyperlink:http://www.securitytracker.com/id?1018847

External Source: BID

Name: 26185

Hyperlink:http://www.securityfocus.com/bid/26185

External Source: GENTOO

Name: GLSA-200804-20

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml

External Source: CONFIRM

Name: http://support.avaya.com/elmodocs2/security/ASA-2007-480.htm

Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2007-480.htm

External Source: GENTOO

Name: GLSA-200804-28

Hyperlink:http://security.gentoo.org/glsa/glsa-200804-28.xml

External Source: SECUNIA

Name: 29858

Hyperlink:http://secunia.com/advisories/29858

External Source: SECUNIA

Name: 29042

Hyperlink:http://secunia.com/advisories/29042

External Source: SECUNIA

Name: 27693

Hyperlink:http://secunia.com/advisories/27693

External Source: BEA

Name: BEA08-198.00

Hyperlink:http://dev2dev.bea.com/pub/advisory/272

References to Check Content

Identifier:oval:org.mitre.oval:def:9898

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9898