CVE-2007-5237

Publication date 6 October 2007

Last updated 24 July 2024

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka “two vulnerabilities.”

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
sun-java6	8.04 LTS hardy	Fixed 6-03-0ubuntu2
	7.10 gutsy	Fixed 6-03-0ubuntu2
	7.04 feisty	Ignored end of life, was needed
	6.10 edgy	Not in release
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2007-5237