CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-0418

HIGH
7.5
CVSS Severity Score
EPSS Score0.1790%
EPSS Percentile24.72th
Published2005年5月2日
Last Modified2026年4月16日

Vulnerability Description

Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.

Affected Platforms (CPE)

📦
Sun

J2se

= 1.4.2
📦
Sun

J2se

= 1.4.2_01
📦
Sun

J2se

= 1.4.2_02
📦
Sun

J2se

= 1.4.2_03
📦
Sun

J2se

= 1.4.2_04
📦
Sun

J2se

= 1.4.2_05
📦
Sun

J2se

= 1.4.2_06

References & Advisories

🔗 http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html
🔗 http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html

相关漏洞威胁

CVE-2008-311110.0

Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JR...

CVE-2005-083610.0

Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges ...

CVE-2005-19745.1

Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used ...

CVE-2005-19735.1

Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themse...