Lucene search

[email protected]CVE-2005-0471

HistoryMar 14, 2005 - 5:00 a.m.

CVE-2005-0471

2005-03-1405:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0471

sun java jre

file system vulnerability

remote attack

arbitrary file write

7.8 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.1%

JSON

Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names.

CPENameOperatorVersion
sun:jresun jreeq1.5.0
sun:jdksun jdkeq1.1.0
sun:jresun jreeq1.1
sun:jresun jreeq1.3.0
sun:jdksun jdkeq1.3.0
sun:jresun jreeq1.4
sun:jresun jreeq1.2
sun:jdksun jdkeq1.5.0
sun:jdksun jdkeq1.4.0
sun:jdksun jdkeq1.2.0

CPE	Name	Operator	Version
sun:jre	sun jre	eq	1.5.0
sun:jdk	sun jdk	eq	1.1.0
sun:jre	sun jre	eq	1.1
sun:jre	sun jre	eq	1.3.0
sun:jdk	sun jdk	eq	1.3.0
sun:jre	sun jre	eq	1.4
sun:jre	sun jre	eq	1.2
sun:jdk	sun jdk	eq	1.5.0
sun:jdk	sun jdk	eq	1.4.0
sun:jdk	sun jdk	eq	1.2.0

References

secunia.com/advisories/11070/

secunia.com/secunia_research/2004-7/advisory/

www.kb.cert.org/vuls/id/544392

exchange.xforce.ibmcloud.com/vulnerabilities/19285

7.8 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.1%

JSON