Strix
26.1K

CVE-2007-5240

UnknownEPSS 2.96%

Last modified

CVE-2007-5240 is a vulnerability of currently unknown severity. Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.. EPSS estimates a 2.96% chance of exploitation in the next 30 days.

Description

Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.

Metrics

EPSS Probability
2.96%

85.4th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersionsUpdate
SunJdk1.5.0Update1
SunJdk1.6.0Update1
SunJre1.3.0
SunJre1.3.1Update1
SunJre1.4
SunJre1.4.1Update3
SunJre1.4.2
SunJre1.4.2_1
SunJre1.4.2_3
SunJre1.4.2_8
SunJre1.4.2_9
SunJre1.4.2_10
SunJre1.4.2_11
SunJre1.4.2_12
SunJre1.4.2_13
SunJre1.4.2_14
SunJre1.4.2_15
SunJre1.5.0Update1
SunJre1.6.0Update 1
SunSdk1.3.1_01
SunSdk1.3.1_01a
SunSdk1.3.1_16
SunSdk1.3.1_18
SunSdk1.3.1_19
SunSdk1.3.1_20
SunSdk1.4.2
SunSdk1.4.2_03
SunSdk1.4.2_08
SunSdk1.4.2_09
SunSdk1.4.2_10
SunSdk1.4.2_11
SunSdk1.4.2_12
SunSdk1.4.2_13
SunSdk1.4.2_14
SunSdk1.4.2_15

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2007-5240?
Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.
How severe is CVE-2007-5240?
Severity scoring for CVE-2007-5240 is pending analysis. The EPSS model estimates a 2.96% probability of exploitation in the next 30 days.
How do I fix CVE-2007-5240?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-5240?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST