The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft java virtual machine 1.1 |