| Vulnerability Name: | CVE-2005-0471 (CCN-19285) | ||||||||
| Assigned: | 2005-02-08 | ||||||||
| Published: | 2005-02-08 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | File Manipulation | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-0471 Source: CCN Type: SA11070 Sun Java Plugin Predictable File Location Weakness Source: SECUNIA Type: Vendor Advisory 11070 Source: MISC Type: UNKNOWN http://secunia.com/secunia_research/2004-7/advisory/ Source: CCN Type: US-CERT VU#544392 Sun Java Plugin may create temporary files with predictable names Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#544392 Source: CCN Type: OSVDB ID: 13620 Sun Java Plugin 8.3 Name Predictable File Location Weakness Source: XF Type: UNKNOWN sun-java-create-files(19285) Source: XF Type: UNKNOWN sun-java-create-files(19285) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||