Directory Traversal Vulnerability in Sun Java Web Start by Sun Microsystems
CVE-2008-3112

Currently unrated

Key Information:

Vendor: Oracle
Status: Jdk; Jre; Sdk
Vendor: CVE Published:; 9 July 2008

Summary

A directory traversal vulnerability exists in Sun Java Web Start, allowing remote attackers to create arbitrary files through the writeManifest method in the CacheEntry class. This flaw affects multiple versions of JDK and JRE, making it crucial for users and organizations to review their security configurations and apply the necessary updates.

References

http://lists.apple.com/archives/security-announce//2008/S...

vendor-advisoryx_refsource_APPLE

http://marc.info/?l=bugtraq&m=122331139823057&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/32436

third-party-advisoryx_refsource_SECUNIA

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 9, 2008
Vulnerability Reserved
Jul 9, 2008