CVE-2007-3504

2007-06-29T21:30:00
ID CVE-2007-3504
Type cve
Reporter NVD
Modified 2017-07-28T21:32:19

Description

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file.