CVE-2007-3504

Published: Jun 30, 2007Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file.

Affected (4)

Products: Sun: Jdk, Jre, Sdk

3 products

Configuration A

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sun Jdk	Up to 1.5.0
Sun Jre	Up to 1.5.0
Sun Jre	Up to 1.4.2
Sun Sdk	Up to 1.4.2_13

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (24)

http://docs.info.apple.com/article.html?artnum=307177

Source: cve@mitre.org

http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

Source: cve@mitre.org

http://osvdb.org/37755

Source: cve@mitre.org

http://secunia.com/advisories/25823

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/28115

Source: cve@mitre.org

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102957-1

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/472673/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/24695

Source: cve@mitre.org

http://www.securitytracker.com/id?1018328

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/2384

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2007/4224

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/35169

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=307177

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/37755

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/25823

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/28115

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102957-1

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/archive/1/472673/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/24695

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1018328

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/2384

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2007/4224

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/35169

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.