PublicDate: 2007-10-06 00:17:00 UTC
Candidate: CVE-2007-5239
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5239
Description:
 Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0
 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE
 1.3.1_20 and earlier does not properly enforce access restrictions for
 untrusted (1) applications and (2) applets, which allows user-assisted
 remote attackers to copy or rename arbitrary files when local users perform
 drag-and-drop operations from the untrusted application or applet window
 onto certain types of desktop applications.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 
upstream_sun-java6: released (6 Update 3)
dapper_sun-java6: DNE
edgy_sun-java6: DNE
feisty_sun-java6: needed (reached end-of-life)
gutsy_sun-java6: released (6-03-0ubuntu2)
hardy_sun-java6: released (6-03-0ubuntu2)
intrepid_sun-java6: released (6-03-0ubuntu2)
jaunty_sun-java6: released (6-03-0ubuntu2)
karmic_sun-java6: released (6-03-0ubuntu2)
devel_sun-java6: released (6-03-0ubuntu2)
upstream_sun-java5: released (5.0 Update 13)
dapper_sun-java5: ignored (reached end-of-life)
edgy_sun-java5: needed (reached end-of-life)
feisty_sun-java5: needed (reached end-of-life)
gutsy_sun-java5: released (1.5.0-13-0ubuntu1)
hardy_sun-java5: released (1.5.0-13-0ubuntu1)
intrepid_sun-java5: released (1.5.0-13-0ubuntu1)
jaunty_sun-java5: released (1.5.0-13-0ubuntu1)
karmic_sun-java5: DNE
devel_sun-java5: DNE