Vulnerability-Lookup

CVE-2007-2788 (GCVE-0-2007-2788)

Vulnerability from cvelistv5 – Published: 2007-05-22 04:00 – Updated: 2024-08-07 13:49

Summary

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/26933	third-party-advisoryx_refsource_SECUNIA
	http://docs.info.apple.com/article.html?artnum=307177	x_refsource_MISC
	http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/26049	third-party-advisoryx_refsource_SECUNIA
	http://dev2dev.bea.com/pub/advisory/248	vendor-advisoryx_refsource_BEA
	http://secunia.com/advisories/26311	third-party-advisoryx_refsource_SECUNIA
	http://www.attrition.org/pipermail/vim/2007-July/…	mailing-listx_refsource_VIM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://scary.beasts.org/security/CESA-2006-004.html	x_refsource_MISC
	http://secunia.com/advisories/30805	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/0065	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.kb.cert.org/vuls/id/138545	third-party-advisoryx_refsource_CERT-VN
	http://www.gentoo.org/security/en/glsa/glsa-20070…	vendor-advisoryx_refsource_GENTOO
	http://www.securityfocus.com/bid/24004	vdb-entryx_refsource_BID
	http://www.attrition.org/pipermail/vim/2007-Decem…	mailing-listx_refsource_VIM
	http://secunia.com/advisories/26369	third-party-advisoryx_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200804-28.xml	vendor-advisoryx_refsource_GENTOO
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://secunia.com/advisories/28056	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29858	third-party-advisoryx_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.vupen.com/english/advisories/2007/1836	vdb-entryx_refsource_VUPEN
	http://lists.apple.com/archives/Security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.redhat.com/support/errata/RHSA-2008-01…	vendor-advisoryx_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2007-09…	vendor-advisoryx_refsource_REDHAT
	http://support.novell.com/techcenter/psdb/4f850d1…	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2007-08…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/26645	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/26119	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/28365	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/24267	vdb-entryx_refsource_BID
	http://secunia.com/advisories/25832	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/4224	vdb-entryx_refsource_VUPEN
	http://security.gentoo.org/glsa/glsa-200706-08.xml	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/30780	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25295	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/3009	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/27266	third-party-advisoryx_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.attrition.org/pipermail/vim/2007-July/…	mailing-listx_refsource_VIM
	http://www.gentoo.org/security/en/glsa/glsa-20070…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/28115	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1018182	vdb-entryx_refsource_SECTRACK
	http://www.redhat.com/support/errata/RHSA-2008-02…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/29340	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25474	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-10…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/27203	third-party-advisoryx_refsource_SECUNIA
	http://www.attrition.org/pipermail/vim/2007-July/…	mailing-listx_refsource_VIM
	http://www.gentoo.org/security/en/glsa/glsa-20080…	vendor-advisoryx_refsource_GENTOO
	http://www.gentoo.org/security/en/glsa/glsa-20080…	vendor-advisoryx_refsource_GENTOO
	http://support.novell.com/techcenter/psdb/d2f549c…	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2007-08…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/26631	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2008-01…	vendor-advisoryx_refsource_REDHAT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:49:57.375Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "26933",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26933"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307177"
          },
          {
            "name": "[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
          },
          {
            "name": "26049",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26049"
          },
          {
            "name": "BEA07-177.00",
            "tags": [
              "vendor-advisory",
              "x_refsource_BEA",
              "x_transferred"
            ],
            "url": "http://dev2dev.bea.com/pub/advisory/248"
          },
          {
            "name": "26311",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26311"
          },
          {
            "name": "20070703 Sun JDK Confusion",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-July/001696.html"
          },
          {
            "name": "sun-java-image-bo(34652)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34652"
          },
          {
            "name": "200856",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2006-004.html"
          },
          {
            "name": "30805",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30805"
          },
          {
            "name": "ADV-2008-0065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0065"
          },
          {
            "name": "sunjava-iccprofile-overflow(34318)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34318"
          },
          {
            "name": "VU#138545",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/138545"
          },
          {
            "name": "GLSA-200705-23",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
          },
          {
            "name": "24004",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24004"
          },
          {
            "name": "20071218 Sun JDK Confusion Revisited",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-December/001862.html"
          },
          {
            "name": "26369",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26369"
          },
          {
            "name": "GLSA-200804-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
          },
          {
            "name": "102934",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1"
          },
          {
            "name": "28056",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28056"
          },
          {
            "name": "29858",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29858"
          },
          {
            "name": "SUSE-SA:2007:045",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
          },
          {
            "name": "ADV-2007-1836",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1836"
          },
          {
            "name": "APPLE-SA-2007-12-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
          },
          {
            "name": "RHSA-2008:0100",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
          },
          {
            "name": "RHSA-2007:0956",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0956.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
          },
          {
            "name": "RHSA-2007:0817",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
          },
          {
            "name": "26645",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26645"
          },
          {
            "name": "26119",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26119"
          },
          {
            "name": "28365",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28365"
          },
          {
            "name": "24267",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24267"
          },
          {
            "name": "25832",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25832"
          },
          {
            "name": "ADV-2007-4224",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4224"
          },
          {
            "name": "GLSA-200706-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
          },
          {
            "name": "30780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30780"
          },
          {
            "name": "25295",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25295"
          },
          {
            "name": "ADV-2007-3009",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3009"
          },
          {
            "name": "27266",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27266"
          },
          {
            "name": "SUSE-SA:2007:056",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html"
          },
          {
            "name": "20070711 Sun JDK Confusion",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-July/001708.html"
          },
          {
            "name": "GLSA-200709-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml"
          },
          {
            "name": "28115",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28115"
          },
          {
            "name": "1018182",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018182"
          },
          {
            "name": "RHSA-2008:0261",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
          },
          {
            "name": "29340",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29340"
          },
          {
            "name": "25474",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25474"
          },
          {
            "name": "RHSA-2007:1086",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1086.html"
          },
          {
            "name": "27203",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27203"
          },
          {
            "name": "20070704 [theall at tenablesecurity.com: Sun JDK Confusion] (fwd)",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-July/001697.html"
          },
          {
            "name": "GLSA-200804-20",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
          },
          {
            "name": "GLSA-200806-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
          },
          {
            "name": "RHSA-2007:0829",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
          },
          {
            "name": "26631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26631"
          },
          {
            "name": "oval:org.mitre.oval:def:11700",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700"
          },
          {
            "name": "RHSA-2008:0133",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0133.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-15T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "26933",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26933"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307177"
        },
        {
          "name": "[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
        },
        {
          "name": "26049",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26049"
        },
        {
          "name": "BEA07-177.00",
          "tags": [
            "vendor-advisory",
            "x_refsource_BEA"
          ],
          "url": "http://dev2dev.bea.com/pub/advisory/248"
        },
        {
          "name": "26311",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26311"
        },
        {
          "name": "20070703 Sun JDK Confusion",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-July/001696.html"
        },
        {
          "name": "sun-java-image-bo(34652)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34652"
        },
        {
          "name": "200856",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2006-004.html"
        },
        {
          "name": "30805",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30805"
        },
        {
          "name": "ADV-2008-0065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0065"
        },
        {
          "name": "sunjava-iccprofile-overflow(34318)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34318"
        },
        {
          "name": "VU#138545",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/138545"
        },
        {
          "name": "GLSA-200705-23",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
        },
        {
          "name": "24004",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24004"
        },
        {
          "name": "20071218 Sun JDK Confusion Revisited",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-December/001862.html"
        },
        {
          "name": "26369",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26369"
        },
        {
          "name": "GLSA-200804-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
        },
        {
          "name": "102934",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1"
        },
        {
          "name": "28056",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28056"
        },
        {
          "name": "29858",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29858"
        },
        {
          "name": "SUSE-SA:2007:045",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
        },
        {
          "name": "ADV-2007-1836",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1836"
        },
        {
          "name": "APPLE-SA-2007-12-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
        },
        {
          "name": "RHSA-2008:0100",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
        },
        {
          "name": "RHSA-2007:0956",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0956.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
        },
        {
          "name": "RHSA-2007:0817",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
        },
        {
          "name": "26645",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26645"
        },
        {
          "name": "26119",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26119"
        },
        {
          "name": "28365",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28365"
        },
        {
          "name": "24267",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24267"
        },
        {
          "name": "25832",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25832"
        },
        {
          "name": "ADV-2007-4224",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4224"
        },
        {
          "name": "GLSA-200706-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
        },
        {
          "name": "30780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30780"
        },
        {
          "name": "25295",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25295"
        },
        {
          "name": "ADV-2007-3009",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3009"
        },
        {
          "name": "27266",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27266"
        },
        {
          "name": "SUSE-SA:2007:056",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html"
        },
        {
          "name": "20070711 Sun JDK Confusion",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-July/001708.html"
        },
        {
          "name": "GLSA-200709-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml"
        },
        {
          "name": "28115",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28115"
        },
        {
          "name": "1018182",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018182"
        },
        {
          "name": "RHSA-2008:0261",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
        },
        {
          "name": "29340",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29340"
        },
        {
          "name": "25474",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25474"
        },
        {
          "name": "RHSA-2007:1086",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1086.html"
        },
        {
          "name": "27203",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27203"
        },
        {
          "name": "20070704 [theall at tenablesecurity.com: Sun JDK Confusion] (fwd)",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-July/001697.html"
        },
        {
          "name": "GLSA-200804-20",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
        },
        {
          "name": "GLSA-200806-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
        },
        {
          "name": "RHSA-2007:0829",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
        },
        {
          "name": "26631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26631"
        },
        {
          "name": "oval:org.mitre.oval:def:11700",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700"
        },
        {
          "name": "RHSA-2008:0133",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0133.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2788",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26933",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26933"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307177",
              "refsource": "MISC",
              "url": "http://docs.info.apple.com/article.html?artnum=307177"
            },
            {
              "name": "[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
            },
            {
              "name": "26049",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26049"
            },
            {
              "name": "BEA07-177.00",
              "refsource": "BEA",
              "url": "http://dev2dev.bea.com/pub/advisory/248"
            },
            {
              "name": "26311",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26311"
            },
            {
              "name": "20070703 Sun JDK Confusion",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-July/001696.html"
            },
            {
              "name": "sun-java-image-bo(34652)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34652"
            },
            {
              "name": "200856",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1"
            },
            {
              "name": "http://scary.beasts.org/security/CESA-2006-004.html",
              "refsource": "MISC",
              "url": "http://scary.beasts.org/security/CESA-2006-004.html"
            },
            {
              "name": "30805",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30805"
            },
            {
              "name": "ADV-2008-0065",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0065"
            },
            {
              "name": "sunjava-iccprofile-overflow(34318)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34318"
            },
            {
              "name": "VU#138545",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/138545"
            },
            {
              "name": "GLSA-200705-23",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
            },
            {
              "name": "24004",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24004"
            },
            {
              "name": "20071218 Sun JDK Confusion Revisited",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-December/001862.html"
            },
            {
              "name": "26369",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26369"
            },
            {
              "name": "GLSA-200804-28",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
            },
            {
              "name": "102934",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1"
            },
            {
              "name": "28056",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28056"
            },
            {
              "name": "29858",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29858"
            },
            {
              "name": "SUSE-SA:2007:045",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
            },
            {
              "name": "ADV-2007-1836",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1836"
            },
            {
              "name": "APPLE-SA-2007-12-14",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
            },
            {
              "name": "RHSA-2008:0100",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
            },
            {
              "name": "RHSA-2007:0956",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0956.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
            },
            {
              "name": "RHSA-2007:0817",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
            },
            {
              "name": "26645",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26645"
            },
            {
              "name": "26119",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26119"
            },
            {
              "name": "28365",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28365"
            },
            {
              "name": "24267",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24267"
            },
            {
              "name": "25832",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25832"
            },
            {
              "name": "ADV-2007-4224",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4224"
            },
            {
              "name": "GLSA-200706-08",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
            },
            {
              "name": "30780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30780"
            },
            {
              "name": "25295",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25295"
            },
            {
              "name": "ADV-2007-3009",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3009"
            },
            {
              "name": "27266",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27266"
            },
            {
              "name": "SUSE-SA:2007:056",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html"
            },
            {
              "name": "20070711 Sun JDK Confusion",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-July/001708.html"
            },
            {
              "name": "GLSA-200709-15",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml"
            },
            {
              "name": "28115",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28115"
            },
            {
              "name": "1018182",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018182"
            },
            {
              "name": "RHSA-2008:0261",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
            },
            {
              "name": "29340",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29340"
            },
            {
              "name": "25474",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25474"
            },
            {
              "name": "RHSA-2007:1086",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1086.html"
            },
            {
              "name": "27203",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27203"
            },
            {
              "name": "20070704 [theall at tenablesecurity.com: Sun JDK Confusion] (fwd)",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-July/001697.html"
            },
            {
              "name": "GLSA-200804-20",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
            },
            {
              "name": "GLSA-200806-11",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
            },
            {
              "name": "RHSA-2007:0829",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
            },
            {
              "name": "26631",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26631"
            },
            {
              "name": "oval:org.mitre.oval:def:11700",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700"
            },
            {
              "name": "RHSA-2008:0133",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0133.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2788",
    "datePublished": "2007-05-22T04:00:00.000Z",
    "dateReserved": "2007-05-21T04:00:00.000Z",
    "dateUpdated": "2024-08-07T13:49:57.375Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-CJWJ-WVCJ-RR5C

Vulnerability from github – Published: 2022-05-01 18:07 – Updated: 2022-05-01 18:07

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-2788"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-05-22T00:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.",
  "id": "GHSA-cjwj-wvcj-rr5c",
  "modified": "2022-05-01T18:07:15Z",
  "published": "2022-05-01T18:07:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2788"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34318"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34652"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700"
    },
    {
      "type": "WEB",
      "url": "http://dev2dev.bea.com/pub/advisory/248"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307177"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
    },
    {
      "type": "WEB",
      "url": "http://scary.beasts.org/security/CESA-2006-004.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25295"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25474"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25832"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26049"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26119"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26311"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26369"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26631"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26645"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26933"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27203"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27266"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28056"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28115"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28365"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29340"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29858"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30780"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30805"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1"
    },
    {
      "type": "WEB",
      "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
    },
    {
      "type": "WEB",
      "url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
    },
    {
      "type": "WEB",
      "url": "http://www.attrition.org/pipermail/vim/2007-December/001862.html"
    },
    {
      "type": "WEB",
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001696.html"
    },
    {
      "type": "WEB",
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001697.html"
    },
    {
      "type": "WEB",
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001708.html"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/138545"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0956.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1086.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0133.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24004"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24267"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018182"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/1836"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3009"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4224"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0065"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2007-AVI-348

Vulnerability from certfr_avis - Published: 2007-08-07 - Updated: 2007-11-16

Plusieurs vulnérabilités dans les paquetages java-1.4.2-ibm permettent à un utilisateur malveillant de contourner la politique de sécurité du système vulnérable.

Description

Une première vulnérabilité, liée à Java Web Start, permet à un utilisateur d'élever ses privilèges et d'accéder indûment à des fichiers en lecture et en modification (CVE-2007-2435).

Une seconde vulnérabilité permet à une application (ou à une applet) d'élever ses privilèges et d'exécuter un code arbitraire sur la machine virtuelle (CVE-2007-3004).

Une troisième vulnérabilité permet de bloquer la machine virtuelle, provoquant un déni de service (CVE-2007-3005).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	Sun Java JDK 1.6.x ;
IBM	N/A	Sun Java JDK 1.5.x ;
IBM	N/A	Sun Java JRE 1.3.x ;
IBM	N/A	Sun Java JRE 1.5.x / 5.x ;
IBM	N/A	Sun Java SDK 1.3.x ;
IBM	N/A	Sun Java JRE 1.4.x ;
IBM	N/A	Sun Java JRE 1.6.x / 6.x ;
IBM	N/A	Sun Java SDK 1.4.x.
IBM	N/A	Sun Java Enterprise System 5.x (JSSE) 1.x ;

References

Title

Publication Time

Tags

Avis Redhat RHSA-2007:0817-2 du 06 août 2007	None	vendor-advisory
Bulletin de sécurité Gentoo GLSA-200705-23 du 31 mai 2007 :	-	other
Bulletin de sécurité Gentoo GLSA-200706-08 du 26 juin 2007 :	-	other
Bulletin de sécurité HP OpenView c01269450 du 14 novembre 2007 :	-	other
Avis du CERTA CERTA-2007-AVI-238 du 01 juin 2007 :	-	other
Bulletin de sécurité Avaya ASA-2007-199 du 23 mai 2007 :	-	other
Bulletin de sécurité SuSE SUSE-SA:2007:045 du 18 juillet 2008 :	-	other
Bulletin de sécurité RedHat RHSA-2007:0829 du 07 août 2007 :	-	other
Bulletin de sécurité RedHat RHSA-2007:0818 du 06 août 2007 :	-	other
Bulletin de sécurité RedHat RHSA-2007:0817 du 06 août 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Sun Java JDK 1.6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java JDK 1.5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java JRE 1.3.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java JRE 1.5.x / 5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java SDK 1.3.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java JRE 1.4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java JRE 1.6.x / 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java SDK 1.4.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java Enterprise System 5.x (JSSE) 1.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne premi\u00e8re vuln\u00e9rabilit\u00e9, li\u00e9e \u00e0 Java Web Start, permet \u00e0 un\nutilisateur d\u0027\u00e9lever ses privil\u00e8ges et d\u0027acc\u00e9der ind\u00fbment \u00e0 des fichiers\nen lecture et en modification (CVE-2007-2435).\n\nUne seconde vuln\u00e9rabilit\u00e9 permet \u00e0 une application (ou \u00e0 une applet)\nd\u0027\u00e9lever ses privil\u00e8ges et d\u0027ex\u00e9cuter un code arbitraire sur la machine\nvirtuelle (CVE-2007-3004).\n\nUne troisi\u00e8me vuln\u00e9rabilit\u00e9 permet de bloquer la machine virtuelle,\nprovoquant un d\u00e9ni de service (CVE-2007-3005).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-2788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2788"
    },
    {
      "name": "CVE-2007-3004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3004"
    },
    {
      "name": "CVE-2007-3922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3922"
    },
    {
      "name": "CVE-2007-3503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3503"
    },
    {
      "name": "CVE-2007-3655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3655"
    },
    {
      "name": "CVE-2007-3005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3005"
    },
    {
      "name": "CVE-2007-2789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2789"
    },
    {
      "name": "CVE-2007-2435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2435"
    }
  ],
  "initial_release_date": "2007-08-07T00:00:00",
  "last_revision_date": "2007-11-16T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200705-23 du 31 mai 2007 :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200706-08 du 26 juin 2007    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200706-08.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP OpenView c01269450 du 14 novembre    2007 :",
      "url": "http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c01269450"
    },
    {
      "title": "Avis du CERTA CERTA-2007-AVI-238 du 01 juin 2007 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-AVI-238/index.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2007-199 du 23 mai 2007 :",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-199.htm"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2007:045 du 18 juillet    2008 :",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00007.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:0829 du 07 ao\u00fbt 2007    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0829.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:0818 du 06 ao\u00fbt 2007    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0818.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:0817 du 06 ao\u00fbt 2007    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0817.html"
    }
  ],
  "reference": "CERTA-2007-AVI-348",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-08-07T00:00:00.000000"
    },
    {
      "description": "modification des syst\u00e8mes affect\u00e9s, ajout des r\u00e9f\u00e9rences CVE et des bulletins de s\u00e9curit\u00e9 des \u00e9diteurs SuSE, Red Hat, Avaya et Gentoo.",
      "revision_date": "2007-08-08T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 HP OpenView.",
      "revision_date": "2007-11-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans les paquetages java-1.4.2-ibm permettent \u00e0\nun utilisateur malveillant de contourner la politique de s\u00e9curit\u00e9 du\nsyst\u00e8me vuln\u00e9rable.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans la machine Java d\u0027IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis Redhat RHSA-2007:0817-2 du 06 ao\u00fbt 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-546

Vulnerability from certfr_avis - Published: 2007-12-17 - Updated: 2007-12-17

De multiples vulnérabilités ont été découvertes dans Java pour Mac OS X.

Description

De multiples vulérabilités de Java pour Mac OS X ont été découvertes. Les vulnérabilités les plus importantes permettent :

un contournement de la politique de sécurité via une appliquette spécialement conçue permettant la suppression et l'insertion d'objets ;
une exécution de code arbitraire à distance et une élévation de privilèges via une vulnérabilité de Java 1.4 ;
une exécution de code arbitraire à distance et une élévation de privilèges via une vulnérabilité de J2SE 5.0.

Solution

Se référer au bulletin de sécurité Apple 307177 pour l'obtention des correctifs (cf. section Documentation).

Mac OS X version 10.4.10 et les versions antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletins de sécurité Apple 307177 du 12 décembre 2007	None	vendor-advisory
Bulletin de sécurité Apple 307177 du 12 décembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMac OS X version 10.4.10 et les versions ant\u00e9rieures.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vul\u00e9rabilit\u00e9s de Java pour Mac OS X ont \u00e9t\u00e9 d\u00e9couvertes.\nLes vuln\u00e9rabilit\u00e9s les plus importantes permettent :\n\n-   un contournement de la politique de s\u00e9curit\u00e9 via une appliquette\n    sp\u00e9cialement con\u00e7ue permettant la suppression et l\u0027insertion\n    d\u0027objets ;\n-   une ex\u00e9cution de code arbitraire \u00e0 distance et une \u00e9l\u00e9vation de\n    privil\u00e8ges via une vuln\u00e9rabilit\u00e9 de Java 1.4 ;\n-   une ex\u00e9cution de code arbitraire \u00e0 distance et une \u00e9l\u00e9vation de\n    privil\u00e8ges via une vuln\u00e9rabilit\u00e9 de J2SE 5.0.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Apple 307177 pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-2788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2788"
    },
    {
      "name": "CVE-2006-4339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4339"
    },
    {
      "name": "CVE-2007-3004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3004"
    },
    {
      "name": "CVE-2007-3698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3698"
    },
    {
      "name": "CVE-2007-3922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3922"
    },
    {
      "name": "CVE-2007-0243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0243"
    },
    {
      "name": "CVE-2007-3503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3503"
    },
    {
      "name": "CVE-2006-6731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6731"
    },
    {
      "name": "CVE-2007-3655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3655"
    },
    {
      "name": "CVE-2007-5862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5862"
    },
    {
      "name": "CVE-2006-6745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6745"
    },
    {
      "name": "CVE-2007-4381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4381"
    },
    {
      "name": "CVE-2007-3504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3504"
    },
    {
      "name": "CVE-2006-6736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6736"
    },
    {
      "name": "CVE-2007-3005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3005"
    },
    {
      "name": "CVE-2007-2789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2789"
    },
    {
      "name": "CVE-2007-5232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5232"
    },
    {
      "name": "CVE-2007-2435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2435"
    }
  ],
  "initial_release_date": "2007-12-17T00:00:00",
  "last_revision_date": "2007-12-17T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307177 du 12 d\u00e9cembre 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=307177"
    }
  ],
  "reference": "CERTA-2007-AVI-546",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Java pour Mac OS X.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Apple 307177 du 12 d\u00e9cembre 2007",
      "url": null
    }
  ]
}

GSD-2007-2788

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-2788

Aliases

CVE-2007-2788

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-2788",
    "description": "Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.",
    "id": "GSD-2007-2788",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-2788.html",
      "https://access.redhat.com/errata/RHSA-2008:0524",
      "https://access.redhat.com/errata/RHSA-2008:0261",
      "https://access.redhat.com/errata/RHSA-2008:0100",
      "https://access.redhat.com/errata/RHSA-2007:1086",
      "https://access.redhat.com/errata/RHSA-2007:0956",
      "https://access.redhat.com/errata/RHSA-2007:0829",
      "https://access.redhat.com/errata/RHSA-2007:0817"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-2788"
      ],
      "details": "Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.",
      "id": "GSD-2007-2788",
      "modified": "2023-12-13T01:21:37.837428Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-2788",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "26933",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26933"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307177",
            "refsource": "MISC",
            "url": "http://docs.info.apple.com/article.html?artnum=307177"
          },
          {
            "name": "[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1",
            "refsource": "MLIST",
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
          },
          {
            "name": "26049",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26049"
          },
          {
            "name": "BEA07-177.00",
            "refsource": "BEA",
            "url": "http://dev2dev.bea.com/pub/advisory/248"
          },
          {
            "name": "26311",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26311"
          },
          {
            "name": "20070703 Sun JDK Confusion",
            "refsource": "VIM",
            "url": "http://www.attrition.org/pipermail/vim/2007-July/001696.html"
          },
          {
            "name": "sun-java-image-bo(34652)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34652"
          },
          {
            "name": "200856",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1"
          },
          {
            "name": "http://scary.beasts.org/security/CESA-2006-004.html",
            "refsource": "MISC",
            "url": "http://scary.beasts.org/security/CESA-2006-004.html"
          },
          {
            "name": "30805",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30805"
          },
          {
            "name": "ADV-2008-0065",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0065"
          },
          {
            "name": "sunjava-iccprofile-overflow(34318)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34318"
          },
          {
            "name": "VU#138545",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/138545"
          },
          {
            "name": "GLSA-200705-23",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
          },
          {
            "name": "24004",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24004"
          },
          {
            "name": "20071218 Sun JDK Confusion Revisited",
            "refsource": "VIM",
            "url": "http://www.attrition.org/pipermail/vim/2007-December/001862.html"
          },
          {
            "name": "26369",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26369"
          },
          {
            "name": "GLSA-200804-28",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
          },
          {
            "name": "102934",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1"
          },
          {
            "name": "28056",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28056"
          },
          {
            "name": "29858",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29858"
          },
          {
            "name": "SUSE-SA:2007:045",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
          },
          {
            "name": "ADV-2007-1836",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/1836"
          },
          {
            "name": "APPLE-SA-2007-12-14",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
          },
          {
            "name": "RHSA-2008:0100",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
          },
          {
            "name": "RHSA-2007:0956",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0956.html"
          },
          {
            "name": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html",
            "refsource": "CONFIRM",
            "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
          },
          {
            "name": "RHSA-2007:0817",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
          },
          {
            "name": "26645",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26645"
          },
          {
            "name": "26119",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26119"
          },
          {
            "name": "28365",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28365"
          },
          {
            "name": "24267",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24267"
          },
          {
            "name": "25832",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25832"
          },
          {
            "name": "ADV-2007-4224",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/4224"
          },
          {
            "name": "GLSA-200706-08",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
          },
          {
            "name": "30780",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30780"
          },
          {
            "name": "25295",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25295"
          },
          {
            "name": "ADV-2007-3009",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/3009"
          },
          {
            "name": "27266",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27266"
          },
          {
            "name": "SUSE-SA:2007:056",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html"
          },
          {
            "name": "20070711 Sun JDK Confusion",
            "refsource": "VIM",
            "url": "http://www.attrition.org/pipermail/vim/2007-July/001708.html"
          },
          {
            "name": "GLSA-200709-15",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml"
          },
          {
            "name": "28115",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28115"
          },
          {
            "name": "1018182",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018182"
          },
          {
            "name": "RHSA-2008:0261",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
          },
          {
            "name": "29340",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29340"
          },
          {
            "name": "25474",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25474"
          },
          {
            "name": "RHSA-2007:1086",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1086.html"
          },
          {
            "name": "27203",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27203"
          },
          {
            "name": "20070704 [theall at tenablesecurity.com: Sun JDK Confusion] (fwd)",
            "refsource": "VIM",
            "url": "http://www.attrition.org/pipermail/vim/2007-July/001697.html"
          },
          {
            "name": "GLSA-200804-20",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
          },
          {
            "name": "GLSA-200806-11",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
          },
          {
            "name": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html",
            "refsource": "CONFIRM",
            "url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
          },
          {
            "name": "RHSA-2007:0829",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
          },
          {
            "name": "26631",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26631"
          },
          {
            "name": "oval:org.mitre.oval:def:11700",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700"
          },
          {
            "name": "RHSA-2008:0133",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0133.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2788"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://scary.beasts.org/security/CESA-2006-004.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://scary.beasts.org/security/CESA-2006-004.html"
            },
            {
              "name": "24004",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/24004"
            },
            {
              "name": "25295",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/25295"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
            },
            {
              "name": "GLSA-200705-23",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
            },
            {
              "name": "GLSA-200706-08",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
            },
            {
              "name": "GLSA-200709-15",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml"
            },
            {
              "name": "RHSA-2007:0829",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
            },
            {
              "name": "RHSA-2007:0956",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0956.html"
            },
            {
              "name": "SUSE-SA:2007:045",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
            },
            {
              "name": "SUSE-SA:2007:056",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html"
            },
            {
              "name": "25474",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/25474"
            },
            {
              "name": "25832",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/25832"
            },
            {
              "name": "26049",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26049"
            },
            {
              "name": "26119",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26119"
            },
            {
              "name": "26369",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26369"
            },
            {
              "name": "26933",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26933"
            },
            {
              "name": "27203",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27203"
            },
            {
              "name": "27266",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27266"
            },
            {
              "name": "26645",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26645"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307177",
              "refsource": "MISC",
              "tags": [
                "Broken Link"
              ],
              "url": "http://docs.info.apple.com/article.html?artnum=307177"
            },
            {
              "name": "APPLE-SA-2007-12-14",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
            },
            {
              "name": "BEA07-177.00",
              "refsource": "BEA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://dev2dev.bea.com/pub/advisory/248"
            },
            {
              "name": "RHSA-2007:1086",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1086.html"
            },
            {
              "name": "RHSA-2007:0817",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
            },
            {
              "name": "102934",
              "refsource": "SUNALERT",
              "tags": [
                "Broken Link"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1"
            },
            {
              "name": "VU#138545",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/138545"
            },
            {
              "name": "20070703 Sun JDK Confusion",
              "refsource": "VIM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-July/001696.html"
            },
            {
              "name": "20070704 [theall at tenablesecurity.com: Sun JDK Confusion] (fwd)",
              "refsource": "VIM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-July/001697.html"
            },
            {
              "name": "20070711 Sun JDK Confusion",
              "refsource": "VIM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-July/001708.html"
            },
            {
              "name": "20071218 Sun JDK Confusion Revisited",
              "refsource": "VIM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-December/001862.html"
            },
            {
              "name": "24267",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/24267"
            },
            {
              "name": "1018182",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1018182"
            },
            {
              "name": "28056",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/28056"
            },
            {
              "name": "26311",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26311"
            },
            {
              "name": "26631",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26631"
            },
            {
              "name": "28115",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/28115"
            },
            {
              "name": "[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
            },
            {
              "name": "28365",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/28365"
            },
            {
              "name": "RHSA-2008:0100",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
            },
            {
              "name": "200856",
              "refsource": "SUNALERT",
              "tags": [
                "Broken Link"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1"
            },
            {
              "name": "29340",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/29340"
            },
            {
              "name": "GLSA-200804-20",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
            },
            {
              "name": "29858",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/29858"
            },
            {
              "name": "GLSA-200804-28",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
            },
            {
              "name": "RHSA-2008:0261",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
            },
            {
              "name": "GLSA-200806-11",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
            },
            {
              "name": "RHSA-2008:0133",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0133.html"
            },
            {
              "name": "30780",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/30780"
            },
            {
              "name": "30805",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/30805"
            },
            {
              "name": "ADV-2007-1836",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1836"
            },
            {
              "name": "ADV-2008-0065",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0065"
            },
            {
              "name": "ADV-2007-4224",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/4224"
            },
            {
              "name": "ADV-2007-3009",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3009"
            },
            {
              "name": "sun-java-image-bo(34652)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34652"
            },
            {
              "name": "sunjava-iccprofile-overflow(34318)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34318"
            },
            {
              "name": "oval:org.mitre.oval:def:11700",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-08-01T12:21Z",
      "publishedDate": "2007-05-22T00:30Z"
    }
  }
}

FKIE_CVE-2007-2788

Vulnerability from fkie_nvd - Published: 2007-05-22 00:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://dev2dev.bea.com/pub/advisory/248	Third Party Advisory
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307177	Broken Link
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.vmware.com/pipermail/security-announce/2008/000003.html	Mailing List, Third Party Advisory
cve@mitre.org	http://scary.beasts.org/security/CESA-2006-004.html	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/25295	Patch, Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/25474	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/25832	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26049	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26119	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26311	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26369	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26631	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26645	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26933	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/27203	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/27266	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/28056	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/28115	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/28365	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/29340	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/29858	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/30780	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/30805	Third Party Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200706-08.xml	Third Party Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200804-28.xml	Third Party Advisory
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1	Broken Link
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1	Broken Link
cve@mitre.org	http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html	Third Party Advisory
cve@mitre.org	http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html	Third Party Advisory
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-December/001862.html	Third Party Advisory
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-July/001696.html	Third Party Advisory
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-July/001697.html	Third Party Advisory
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-July/001708.html	Third Party Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml	Third Party Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml	Third Party Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml	Third Party Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml	Third Party Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/138545	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.novell.com/linux/security/advisories/2007_45_java.html	Third Party Advisory
cve@mitre.org	http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-0817.html	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-0829.html	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-0956.html	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-1086.html	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2008-0100.html	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2008-0133.html	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2008-0261.html	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/24004	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securityfocus.com/bid/24267	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id?1018182	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2007/1836	Permissions Required
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3009	Permissions Required
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4224	Permissions Required
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0065	Permissions Required
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/34318	Third Party Advisory, VDB Entry
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/34652	Third Party Advisory, VDB Entry
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://dev2dev.bea.com/pub/advisory/248	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307177	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2008/000003.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://scary.beasts.org/security/CESA-2006-004.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25295	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25474	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25832	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26049	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26119	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26311	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26369	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26631	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26645	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26933	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27203	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27266	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28056	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28115	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28365	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29340	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29858	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30780	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30805	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200706-08.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200804-28.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-December/001862.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-July/001696.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-July/001697.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-July/001708.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/138545	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_45_java.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0817.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0829.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0956.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1086.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0100.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0133.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0261.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24004	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24267	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018182	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1836	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3009	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4224	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0065	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/34318	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/34652	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700	Third Party Advisory

Impacted products

Vendor	Product	Version
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.5.0
sun	jdk	1.6.0
sun	jre	1.3.1
sun	jre	1.3.1_2
sun	jre	1.3.1_03
sun	jre	1.3.1_04
sun	jre	1.3.1_05
sun	jre	1.3.1_06
sun	jre	1.3.1_07
sun	jre	1.3.1_08
sun	jre	1.3.1_09
sun	jre	1.3.1_10
sun	jre	1.3.1_11
sun	jre	1.3.1_12
sun	jre	1.3.1_13
sun	jre	1.3.1_14
sun	jre	1.3.1_15
sun	jre	1.3.1_16
sun	jre	1.3.1_17
sun	jre	1.3.1_18
sun	jre	1.3.1_19
sun	jre	1.3.1_20
sun	jre	1.4.2
sun	jre	1.4.2_1
sun	jre	1.4.2_2
sun	jre	1.4.2_3
sun	jre	1.4.2_4
sun	jre	1.4.2_5
sun	jre	1.4.2_6
sun	jre	1.4.2_7
sun	jre	1.4.2_8
sun	jre	1.4.2_9
sun	jre	1.4.2_10
sun	jre	1.4.2_11
sun	jre	1.4.2_12
sun	jre	1.4.2_13
sun	jre	1.4.2_14
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.6.0
sun	sdk	1.3.1
sun	sdk	1.3.1_01
sun	sdk	1.3.1_01a
sun	sdk	1.3.1_02
sun	sdk	1.3.1_03
sun	sdk	1.3.1_04
sun	sdk	1.3.1_05
sun	sdk	1.3.1_06
sun	sdk	1.3.1_07
sun	sdk	1.3.1_08
sun	sdk	1.3.1_09
sun	sdk	1.3.1_10
sun	sdk	1.3.1_11
sun	sdk	1.3.1_12
sun	sdk	1.3.1_13
sun	sdk	1.3.1_14
sun	sdk	1.3.1_15
sun	sdk	1.3.1_16
sun	sdk	1.3.1_17
sun	sdk	1.3.1_18
sun	sdk	1.3.1_19
sun	sdk	1.3.1_20
sun	sdk	1.4.2
sun	sdk	1.4.2_1
sun	sdk	1.4.2_2
sun	sdk	1.4.2_3
sun	sdk	1.4.2_4
sun	sdk	1.4.2_5
sun	sdk	1.4.2_6
sun	sdk	1.4.2_7
sun	sdk	1.4.2_8
sun	sdk	1.4.2_9
sun	sdk	1.4.2_10
sun	sdk	1.4.2_11
sun	sdk	1.4.2_12
sun	sdk	1.4.2_13
sun	sdk	1.4.2_14

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "D57BC929-6C98-4F36-B31B-6B946F986D41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "C94CEFBC-250D-472E-9A5B-E9E054C967C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "7042B56E-349E-40F4-ADD7-DEF1E9D8E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0875E34D-8544-49B9-BAD9-8191CC103A07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*",
              "matchCriteriaId": "62E772B9-8E41-476F-81F5-87B41F1827A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CE78463-2CE8-43C6-BB06-AA40C72B1A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A04480-92DF-49AD-9B36-7F1FCB29DE90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2FD0B72-683D-4FF6-BCF5-5DE85BF3064B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*",
              "matchCriteriaId": "F78CD4B5-4B1D-4128-8AEA-2F967C38C6C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*",
              "matchCriteriaId": "62CAA3E7-9D65-48F3-ACF7-9D705D94DE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*",
              "matchCriteriaId": "477C310B-50AD-4D40-8EDB-4A80F0BF321D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*",
              "matchCriteriaId": "60A1F526-6B28-47A3-8D2C-06CA067E9164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F09D9E-B04B-477E-86E6-E1B1F9650973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F929C59-9602-4962-95B4-4165D66E5935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B76949-9282-44D0-8075-74E482CE9A82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9B072DD-FC4F-4E07-9837-0E16017CA4AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*",
              "matchCriteriaId": "969BE4EC-4D13-4B74-8137-FA0F83F0FDC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*",
              "matchCriteriaId": "86408019-1B53-4AA8-9F05-47EBD0466EE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F47561-F59C-4904-8E05-D8A9629405A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB067445-8EA5-460F-B625-C21251E5A8D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C075BC-607E-47A1-A32D-B912D2FA03BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*",
              "matchCriteriaId": "007175B8-48DB-46BE-B971-FB57B6A33723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "787DCE54-6991-4A1A-836B-3C46A02C7400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
              "matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
              "matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C660DE4-543A-4E9B-825D-CD099D08CBD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F0AD0F9-E797-4E16-95F3-C1AFDA557D78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "9AF0780E-830E-4971-8F79-8FCF5D2EBC20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "167D85F7-0D94-49CC-8A5E-F5FAB00ADFBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*",
              "matchCriteriaId": "34710306-D6CF-4D07-84BF-71A8839BE416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*",
              "matchCriteriaId": "44B93DC8-6375-4B41-B9BC-F22F592C56B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*",
              "matchCriteriaId": "87BF46A9-8E4A-4583-B35F-052FD481DF66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B351BB-6CA6-4CEF-9F5D-ED47774FC676",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA40FCD-1D34-4C47-908F-697433236153",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*",
              "matchCriteriaId": "00639A84-BD03-4BD9-A655-F806693DBC8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*",
              "matchCriteriaId": "14824B23-FF9F-4D6D-9D02-12B79BE346A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*",
              "matchCriteriaId": "6493744C-A69D-4377-937E-85E7F5535EA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*",
              "matchCriteriaId": "C09019B1-B873-41CE-951E-4777F324729C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC4209A0-E73F-4B5A-9925-B5D20F879455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*",
              "matchCriteriaId": "297DF5AD-FC22-432B-AE6A-2B1E6CFE1BE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB8516D-03C4-478D-AFE2-824867FDC739",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F82AED17-FEC3-47D0-A395-26ACD07FBE52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*",
              "matchCriteriaId": "9630BC7B-9039-4FA6-86F8-5274783F3EB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1A6A15C-216A-42B1-84EF-B3D9A313D4A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC39C819-9439-4029-8377-F6D58B3DFDFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A053DEF6-1317-4DA8-91D7-E1970DA62351",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0DBFDD8-40AE-44F2-8F02-FB7A4FAE5235",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB0605FF-3DDC-4F3A-8171-F3A447E9C292",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*",
              "matchCriteriaId": "801FF3B4-0729-4710-BFC2-4B078029944F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EB8591E-3D6E-489B-B0D6-CEBB9D09EA68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "002CA86D-3090-4C7A-947A-21CB5D1ADD98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6453C9-7EE0-4FFB-861D-C2D9416DCABA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "89BF16DE-EEAB-4DA5-BFF1-7A0A58DE141F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A56D9A60-F272-4D4C-A9DD-C93DAF783585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*",
              "matchCriteriaId": "976F4ACB-3725-45B7-B2EF-DEE4B88254E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*",
              "matchCriteriaId": "52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1F28FF-652A-4C89-9AC6-5E212F890811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96A8C351-E9CD-431B-8B9D-712CA54C7213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
              "matchCriteriaId": "36888382-79C8-4C97-A654-C668CD68556F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F34C99E6-F9F0-4EF3-8601-B47EAE3D7273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74DD08D-CEDB-460E-BED5-78F6CAF18BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F64FBC-DC97-4FE3-A235-18B87945AF7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de enteros en el analizador de imagen de perfil ICC integrado en Sun Java Development Kit (JDK) versiones anteriores a 1.5.0_11-b03 y versiones 1.6.x anteriores a 1.6.0_01-b06, y Sun Java Runtime Environment en JDK y JRE versi\u00f3n 6, JDK y JRE versi\u00f3n 5.0 Update 10 y anteriores, SDK y JRE versi\u00f3n 1.4.2_14 y anteriores, y SDK y JRE versi\u00f3n 1.3.1_20 y anteriores, permiten a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de JVM) por medio de un archivo JPEG o BMP dise\u00f1ado que desencadena un desbordamiento de b\u00fafer."
    }
  ],
  "id": "CVE-2007-2788",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-22T00:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://dev2dev.bea.com/pub/advisory/248"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://docs.info.apple.com/article.html?artnum=307177"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2006-004.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/25295"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/25474"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/25832"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26049"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26119"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26311"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26369"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26631"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26645"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26933"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27203"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27266"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28056"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28115"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28365"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/29340"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/29858"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/30780"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/30805"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.attrition.org/pipermail/vim/2007-December/001862.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001696.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001697.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001708.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/138545"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0956.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1086.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0133.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/24004"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/24267"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1018182"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1836"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3009"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4224"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34318"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34652"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://dev2dev.bea.com/pub/advisory/248"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://docs.info.apple.com/article.html?artnum=307177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2006-004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/25295"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/25474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/25832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26369"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27266"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28056"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28365"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/29340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/29858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/30780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/30805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200706-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.attrition.org/pipermail/vim/2007-December/001862.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001696.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001697.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001708.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/138545"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0817.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0956.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1086.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0133.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/24004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/24267"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1018182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34318"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-2788 (GCVE-0-2007-2788)

GHSA-CJWJ-WVCJ-RR5C

CERTA-2007-AVI-348

Description

Solution

CERTA-2007-AVI-546

Description

Solution

GSD-2007-2788

FKIE_CVE-2007-2788

Tags

Sightings

Nomenclature