SUN : Security Vulnerabilities, CVEs, (Directory traversal) CVSS score >= 9
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.
Max CVSS
10.0
EPSS Score
1.96%
Published
2008-07-09
Updated
2018-10-30
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.
Max CVSS
10.0
EPSS Score
1.71%
Published
2008-06-04
Updated
2017-08-08
Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file.
Max CVSS
9.3
EPSS Score
17.54%
Published
2007-06-30
Updated
2018-10-15
3 vulnerabilities found