Insecure Temporary File Handling in OpenJDK and Oracle Java
CVE-2014-1876
Currently unrated
Summary
The unpacker::redirect_stdio function in the unpack200 utility of OpenJDK and Oracle Java products does not properly manage the creation of temporary files. When a log file cannot be opened, local users can perform a symlink attack targeting /tmp/unpack.log, potentially leading to arbitrary file overwrites. Exploitation can compromise the integrity of the system. Users of affected versions should apply the recommended updates.
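The weakness class described above, shown as an added example that is not OpenJDK or Oracle code: a log file opened at a predictable name follows a planted symlink, while a file created with mkstemp() does not. The function names and the scratch directory are hypothetical, and the sample files are constructed.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: predictable name, fopen() follows a symlink planted there. */
static FILE *open_log_weak(const char *dir, char *path, size_t n) {
    snprintf(path, n, "%s/unpack.log", dir);
    return fopen(path, "a+");
}

/* Hardened: mkstemp() picks an unpredictable name and creates the file with
 * O_CREAT|O_EXCL and mode 0600, so an existing file or symlink is never reused. */
static FILE *open_log_safe(const char *dir, char *path, size_t n) {
    snprintf(path, n, "%s/unpack.XXXXXX", dir);
    int fd = mkstemp(path);
    if (fd < 0) return NULL;
    FILE *f = fdopen(fd, "a");
    if (!f) { close(fd); unlink(path); }
    return f;
}

/* Constructed scenario in a private scratch directory: unpack.log is a symlink
 * to a 4-byte "victim" file. Returns the victim's size after one log write. */
static long victim_size_after_logging(int hardened) {
    char dir[] = "/tmp/symlink_demo.XXXXXX", victim[64], lnk[64], logp[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/unpack.log", dir);
    FILE *v = fopen(victim, "w");
    if (!v) return -1;
    fputs("data", v); fclose(v);
    if (symlink(victim, lnk) != 0) return -1;
    FILE *f = hardened ? open_log_safe(dir, logp, sizeof logp)
                       : open_log_weak(dir, logp, sizeof logp);
    if (f) { fputs("log line\n", f); fclose(f); }
    long size = stat(victim, &st) == 0 ? (long)st.st_size : -1;
    unlink(logp); unlink(lnk); unlink(victim); rmdir(dir);
    return size;
}

int main(void) {
    printf("weak: %ld bytes, hardened: %ld bytes\n",
           victim_size_after_logging(0), victim_size_after_logging(1));
    return 0;
}
```

The scratch directory stands in for /tmp so the example never touches a shared path. On Linux, the fs.protected_symlinks sysctl additionally blocks following another user's symlink in a sticky world-writable directory.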