Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and previous versions, and Java Web Start in SDK and JRE 1.4.2_13 and previous versions, for Windows allows remote malicious users to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun jdk |
||
sun jre |
||
sun sdk |