Oval Definition:	oval:org.mitre.oval:def:11102
Revision Date: 2010-09-06 Version: 5 Title: Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909. Description: Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2008-3112 Platform(s): Red Hat Enterprise Linux Extras 4 Red Hat Enterprise Linux Extras 5 Product(s): Definition Synopsis AND redhat-release is version 4 java-1.5.0-sun-demo is earlier than 0:1.5.0.16-1jpp.2.el4 OR java-1.5.0-sun-plugin is earlier than 0:1.5.0.16-1jpp.2.el4 OR java-1.5.0-sun-jdbc is earlier than 0:1.5.0.16-1jpp.2.el4 OR java-1.5.0-sun-src is earlier than 0:1.5.0.16-1jpp.2.el4 OR java-1.5.0-sun is earlier than 0:1.5.0.16-1jpp.2.el4 OR java-1.5.0-sun-devel is earlier than 0:1.5.0.16-1jpp.2.el4 OR redhat-release is version 5 java-1.6.0-sun-devel is earlier than 1:1.6.0.7-1jpp.1.el5 OR java-1.6.0-sun is earlier than 1:1.6.0.7-1jpp.1.el5 OR java-1.6.0-sun-demo is earlier than 1:1.6.0.7-1jpp.1.el5 OR java-1.5.0-sun-plugin is earlier than 0:1.5.0.16-1jpp.2.el5 OR java-1.5.0-sun is earlier than 0:1.5.0.16-1jpp.2.el5 OR java-1.6.0-sun-src is earlier than 1:1.6.0.7-1jpp.1.el5 OR java-1.5.0-sun-demo is earlier than 0:1.5.0.16-1jpp.2.el5 OR java-1.6.0-sun-plugin is earlier than 1:1.6.0.7-1jpp.1.el5 OR java-1.5.0-sun-jdbc is earlier than 0:1.5.0.16-1jpp.2.el5 OR java-1.5.0-sun-src is earlier than 0:1.5.0.16-1jpp.2.el5 OR java-1.6.0-sun-jdbc is earlier than 1:1.6.0.7-1jpp.1.el5 OR java-1.5.0-sun-devel is earlier than 0:1.5.0.16-1jpp.2.el5
BACK