Directory Traversal Vulnerability in Sun Java Web Start by Sun Microsystems
CVE-2008-3112

Currently unrated

Key Information:

Vendor

Oracle
Status
Jdk
Jre
Sdk
Vendor
CVE Published:
9 July 2008

What is CVE-2008-3112?

A directory traversal vulnerability exists in Sun Java Web Start, allowing remote attackers to create arbitrary files through the writeManifest method in the CacheEntry class. This flaw affects multiple versions of JDK and JRE, making it crucial for users and organizations to review their security configurations and apply the necessary updates.

References

http://lists.apple.com/archives/security-announce//2008/S...
vendor-advisoryx_refsource_APPLE
http://marc.info/?l=bugtraq&m=122331139823057&w=2
mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/32436
third-party-advisoryx_refsource_SECUNIA

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.