CVE-2007-4381

Severity

93%

Complexity

86%

Confidentiality

165%

Additional information regarding this CVE can be found at SecurityFocus: http://www.securityfocus.com/bid/25340

Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself.

Additional information regarding this CVE can be found at SecurityFocus: http://www.securityfocus.com/bid/25340

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 17 years ago

2007-08-17 21:17:00

Last updated 7 years ago

2017-09-29 01:29:00

Affected Software

Sun SDK

References

BEA07-177.00

http://docs.info.apple.com/article.html?artnum=307177

APPLE-SA-2007-12-14

SUSE-SA:2008:025

26402

26631

26933

27203

27716

28056

28115

28777

28880

29340

29897

103024

http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html

GLSA-200709-15

RHSA-2007:0956

RHSA-2007:1086

RHSA-2008:0100

RHSA-2008:0132

25340

1018576

ADV-2007-2910

ADV-2007-3009

ADV-2007-4224

sun-java-font-privilege-escalation(36061)

oval:org.mitre.oval:def:10290

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.