QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-3655

Back to search

CVE-2007-3655

Published: Jul 10, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2007:0818
vendor-advisory
x_refsource_REDHAT
37756
vdb-entry
x_refsource_OSVDB
ADV-2007-2477
vdb-entry
x_refsource_VUPEN
26314
third-party-advisory
x_refsource_SECUNIA
24832
vdb-entry
x_refsource_BID
26369
third-party-advisory
x_refsource_SECUNIA
sun-java-jnlp-bo(35320)
vdb-entry
x_refsource_XF
GLSA-200804-28
vendor-advisory
x_refsource_GENTOO
29858
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2007-12-14
vendor-advisory
x_refsource_APPLE
25981
third-party-advisory
x_refsource_SECUNIA
2874
third-party-advisory
x_refsource_SREASON
1018346
vdb-entry
x_refsource_SECTRACK
ADV-2007-4224
vdb-entry
x_refsource_VUPEN
20070711 SUN Java JNLP Overflow
mailing-list
x_refsource_BUGTRAQ
30780
third-party-advisory
x_refsource_SECUNIA
27266
third-party-advisory
x_refsource_SECUNIA
102996
vendor-advisory
x_refsource_SUNALERT
SUSE-SA:2007:056
vendor-advisory
x_refsource_SUSE
oval:org.mitre.oval:def:11367
vdb-entry
signature
x_refsource_OVAL
28115
third-party-advisory
x_refsource_SECUNIA
30284
exploit
x_refsource_EXPLOIT-DB
GLSA-200804-20
vendor-advisory
x_refsource_GENTOO
GLSA-200806-11
vendor-advisory
x_refsource_GENTOO
RHSA-2007:0829
vendor-advisory
x_refsource_REDHAT
20070711 SUN Java JNLP Overflow
mailing-list
x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now