CVE-2008-3112
CVE-2008-3112
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlhttp://marc.info/?l=bugtraq&m=122331139823057&w=2http://rhn.redhat.com/errata/RHSA-2008-0955.htmlhttp://secunia.com/advisories/31010http://secunia.com/advisories/31055http://secunia.com/advisories/31320http://secunia.com/advisories/31497