Vulnerability in N/a
CVE-2007-3655
Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file.
EPSS: 0.622 (98.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- RHSA-2007:0818 (x_refsource_REDHAT, vendor-advisory)
- 37756 (x_refsource_OSVDB, vdb-entry)
- docs.info.apple.com/article.html (x_refsource_MISC)
- ADV-2007-2477 (vdb-entry, x_refsource_VUPEN)
- 26314 (x_refsource_SECUNIA, third-party-advisory)
- 24832 (vdb-entry, x_refsource_BID)
- 26369 (x_refsource_SECUNIA, third-party-advisory)
- sun-java-jnlp-bo(35320) (vdb-entry, x_refsource_XF)
- GLSA-200804-28 (vendor-advisory, x_refsource_GENTOO)
- 29858 (x_refsource_SECUNIA, third-party-advisory)