CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-0418

Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html

Products affected by CVE-2005-0418

Sun » J2se » Version: 1.4.2

cpe:2.3:a:sun:j2se:1.4.2
Sun » J2se » Version: 1.4.2_01

cpe:2.3:a:sun:j2se:1.4.2_01
Sun » J2se » Version: 1.4.2_02

cpe:2.3:a:sun:j2se:1.4.2_02
Sun » J2se » Version: 1.4.2_03

cpe:2.3:a:sun:j2se:1.4.2_03
Sun » J2se » Version: 1.4.2_04

cpe:2.3:a:sun:j2se:1.4.2_04
Sun » J2se » Version: 1.4.2_05

cpe:2.3:a:sun:j2se:1.4.2_05
Sun » J2se » Version: 1.4.2_06

cpe:2.3:a:sun:j2se:1.4.2_06

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0418

Products

Pricing

Contact Us