CVE-2007-5019

SUN Java Web Start - Memory Corruption

Title source: rule

Description

Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by YAG KOHHA · htmldosmultiple

https://www.exploit-db.com/exploits/4432

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36682

[Exploit] http://www.securityfocus.com/bid/25734

[Third Party Advisory, VDB Entry] http://osvdb.org/38297

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4432

Scores

EPSS 0.1010

EPSS Percentile 93.1%

Details

CWE

CWE-119

Status published

Products (4)

sun/java_web_start

sun/jre 1.6.0_0

sun/jre 1.6.0_10

sun/sdk 1.3.0

Published Sep 20, 2007

Tracked Since Feb 18, 2026