1. CVE-Search
  2. CVE-2005-3907
ID CVE-2005-3907
Summary Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors involving untrusted Java applets.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:jdk:1.5.0_03:*:linux:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0_03:*:linux:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0_03:*:solaris:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0_03:*:solaris:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0_03:*:windows:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0_03:*:windows:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update15:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update15:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update1a:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update1a:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update4:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update4:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update8:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update8:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 30-10-2018 - 16:26)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
apple APPLE-SA-2005-11-30
bid 15615
cert-vn VU#355284
sectrack 1015282
secunia
  • 17748
  • 17847
  • 18092
sunalert 102050
vupen
  • ADV-2005-2636
  • ADV-2005-2675
xf sun-untrusted-applet-gain-privileges(23250)
Last major update 30-10-2018 - 16:26
Published 30-11-2005 - 11:03
Last modified 30-10-2018 - 16:26
Back to Top