Vulnerabilities > CVE-2003-1156 - Unspecified vulnerability in SUN JDK and JRE

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sun

NVD

Published: 2003-12-31

Updated: 2024-11-20

Summary

Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN JDK 1.4.2 SUN JDK 1.4.2_02 SUN JRE 1.4.2	4

References

http://www.securityfocus.com/archive/1/343038
http://www.securityfocus.com/archive/1/343038
http://www.securityfocus.com/bid/8937
http://www.securityfocus.com/bid/8937
https://exchange.xforce.ibmcloud.com/vulnerabilities/13570
https://exchange.xforce.ibmcloud.com/vulnerabilities/13570