Package: sun-java5 Version: 1.5.0-10-3 Severity: critical Tags: security, fixed-upstream
1.5.0-10 is vulnerable to CVE-2007-5689 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5689 From http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5689 : Overview The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves. Impact CVSS Severity (version 2.0): CVSS v2 Base score: 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend) Impact Subscore: 10.0 Exploitability Subscore: 10.0
