Vulnerabilities > CVE-2005-3907 - Privilege Escalation vulnerability in SUN JDK and JRE

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sun

NVD

Published: 2005-11-30

Updated: 2018-10-30

Summary

Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors involving untrusted Java applets.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN JDK 1.5.0_03 SUN JRE 1.3.0 SUN JRE 1.3.1 SUN JRE 1.4.1 SUN JRE 1.4.2 SUN JRE 1.4.2_1 SUN JRE 1.4.2_2 SUN JRE 1.4.2_3 SUN JRE 1.4.2_4 SUN JRE 1.4.2_5 SUN JRE 1.4.2_6 SUN JRE 1.4.2_7 SUN JRE 1.4.2_8 SUN JRE 1.5.0	29

References

http://lists.apple.com/archives/security-announce/2005/Nov/msg00004.html
http://secunia.com/advisories/17748
http://secunia.com/advisories/17847
http://secunia.com/advisories/18092
http://securitytracker.com/id?1015282
http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102050-1
http://www.kb.cert.org/vuls/id/355284
http://www.securityfocus.com/bid/15615
http://www.vupen.com/english/advisories/2005/2636
http://www.vupen.com/english/advisories/2005/2675
https://exchange.xforce.ibmcloud.com/vulnerabilities/23250