Strix
26.1K

CVE-2007-5689

UnknownEPSS 5.03%

Last modified

CVE-2007-5689 is a vulnerability of currently unknown severity. The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.. EPSS estimates a 5.03% chance of exploitation in the next 30 days.

Description

The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.

Metrics

EPSS Probability
5.03%

91.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersionsUpdate
SunJdk<= 1.6.0Update2
SunJdk1.5.0Update1
SunJdk1.6.0Update1
SunJre<= 1.3.1Update20
SunJre<= 1.4.2Update15
SunJre<= 1.5.0Update12
SunJre1.3.0
SunJre1.3.1Update1
SunJre1.4
SunJre1.4.1Update3
SunJre1.4.2
SunJre1.4.2_1
SunJre1.4.2_3
SunJre1.4.2_8
SunJre1.4.2_9
SunJre1.4.2_10
SunJre1.4.2_11
SunJre1.4.2_12
SunJre1.4.2_13
SunJre1.4.2_14
SunJre1.5.0Update1
SunJre1.6.0Update 1
SunSdk<= 1.4.2_15
SunSdk1.3.1_01
SunSdk1.3.1_01a
SunSdk1.3.1_16
SunSdk1.3.1_18
SunSdk1.3.1_19
SunSdk1.3.1_20
SunSdk1.4.2
SunSdk1.4.2_03
SunSdk1.4.2_08
SunSdk1.4.2_09
SunSdk1.4.2_10
SunSdk1.4.2_11
SunSdk1.4.2_12
SunSdk1.4.2_13
SunSdk1.4.2_14

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2007-5689?
The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.
How severe is CVE-2007-5689?
Severity scoring for CVE-2007-5689 is pending analysis. The EPSS model estimates a 5.03% probability of exploitation in the next 30 days.
How do I fix CVE-2007-5689?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-5689?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST