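Vulnerability Details
Sun Java Web Start Unauthorized Access Vulnerability
- CNNVD ID: CNNVD-200705-030
- Severity: Critical
- CVE ID: CVE-2007-2435
- Vulnerability type: Permissions, privileges and access control
- Published: 2007-05-02
- Threat type: Remote
- Updated: 2007-10-29
- Vendor: sun
- Vulnerability source: Fujitsu security t…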
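Vulnerability Summary
Sun Java Web Start in JDK and JRE Update, and Java Web Start in SDK and JRE, allow remote attackers to perform unauthorized actions by means of an application that grants privileges to itself. The vulnerability is related to "incorrect use at the system level" and to support for JNLP files.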
Vulnerability Advisory
The vendor has released an upgrade patch that fixes this security issue. Patch download links:
ftp://anonymous:dev2dev%40bea.com@ftpna.bea.com/pub/releases/security/CR310095_CR318640_CR315192_JR-R24.5_1.4.2_08_linux32.tar.gz
Apple Mac OS X 10.4.10
Apple Java for Mac OS X 10.4, Release 6
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X Server 10.4.10
Apple Java for Mac OS X 10.4, Release 6
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X 10.4.11
Apple Java for Mac OS X 10.4, Release 6
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X Server 10.4.11
Apple Java for Mac OS X 10.4, Release 6
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
References
Source: BID
Name: 23728
Link: http://www.securityfocus.com/bid/23728
Source: VUPEN
Name: ADV-2007-1598
Link: http://www.frsirt.com/english/advisories/2007/1598
Source: SUNALERT
Name: 102881
Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1
Source: SECUNIA
Name: 25069
Link: http://secunia.com/advisories/25069
Source: XF
Name: javawebstart-classes-privilege-escalation(33984)
Link: http://xforce.iss.net/xforce/xfdb/33984
Source: SECTRACK
Name: 1017986
Link: http://www.securitytracker.com/id?1017986
Source: REDHAT
Name: RHSA-2007:0829
Link: http://www.redhat.com/support/errata/RHSA-2007-0829.html
Source: REDHAT
Name: RHSA-2007:0817
Link: http://www.redhat.com/support/errata/RHSA-2007-0817.html
Source: GENTOO
Name: GLSA-200705-23
Link: http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml
Source: VUPEN
Name: ADV-2007-1814
Link: http://www.frsirt.com/english/advisories/2007/1814
Source: support.avaya.com
Link: http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm
Source: GENTOO
Name: GLSA-200706-08
Link: http://security.gentoo.org/glsa/glsa-200706-08.xml
Source: SECUNIA
Name: 26369
Link: http://secunia.com/advisories/26369
Source: SECUNIA
Name: 26311
Link: http://secunia.com/advisories/26311
Source: SECUNIA
Name: 25832
Link: http://secunia.com/advisories/25832
Source: SECUNIA
Name: 25474
Link: http://secunia.com/advisories/25474
Source: SECUNIA
Name: 25413
Link: http://secunia.com/advisories/25413
Source: SECUNIA
Name: 25283
Link: http://secunia.com/advisories/25283
Source: BEA
Name: BEA07-173.00
Link: http://dev2dev.bea.com/pub/advisory/241
Source: REDHAT
Name: RHSA-2008:0261
Link: http://www.redhat.com/support/errata/RHSA-2008-0261.html
Source: GENTOO
Name: GLSA-200806-11
Link: http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
Source: GENTOO
Name: GLSA-200804-20
Link: http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
Source: VUPEN
Name: ADV-2007-4224
Link: http://www.frsirt.com/english/advisories/2007/4224
Source: GENTOO
Name: GLSA-200804-28
Link: http://security.gentoo.org/glsa/glsa-200804-28.xml
Source: SECUNIA
Name: 30780
Link: http://secunia.com/advisories/30780
Source: SECUNIA
Name: 29858
Link: http://secunia.com/advisories/29858
Source: SECUNIA
Name: 28115
Link: http://secunia.com/advisories/28115
Source: APPLE
Name: APPLE-SA-2007-12-14
Link: http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
Source: MISC