High Risk Flaw in Sun's Java Web Start

John Heasman of NGSSoftware has discovered a high risk vulnerability in Sun Microsystem's Java Web Start that ships with the JRE and JDK on Windows platforms. The vulnerability affects the following version of Java Web Start: Java Web Start in JDK and JRE 5.0 Update 11 and earlier Java Web Start ...

Directory traversal

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...

CVE-2007-3504

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...

CVE-2007-3504

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...