Vulnerability Details : CVE-2007-3504
Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file.
Vulnerability category: Directory traversalExecute code
Products affected by CVE-2007-3504
- cpe:2.3:a:sun:jdk:*:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:*:update13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:*:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-3504
39.71%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-3504
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2007-3504
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-3504
-
http://www.securitytracker.com/id?1018328
-
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
Apple - Lists.apple.com
-
http://docs.info.apple.com/article.html?artnum=307177
-
http://www.vupen.com/english/advisories/2007/2384
Vendor Advisory
-
http://www.securityfocus.com/archive/1/472673/100/0/threaded
-
http://www.vupen.com/english/advisories/2007/4224
Site en constructionVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/35169
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102957-1
Patch
-
http://www.securityfocus.com/bid/24695
Jump to