Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.
Max CVSS
9.3
EPSS Score
2.70%
Published
2006-12-26
Updated
2018-10-30
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.
Max CVSS
10.0
EPSS Score
43.26%
Published
2005-05-02
Updated
2016-10-18
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.
Max CVSS
7.5
EPSS Score
0.23%
Published
2005-05-02
Updated
2008-09-05
3 vulnerabilities found