Vulnerabilities > CVE-2005-0471 - Remote Security vulnerability in SUN JDK and JRE

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

sun

NVD

Published: 2005-03-14

Updated: 2017-07-11

Summary

Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN JDK 1.1.0 SUN JDK 1.2.0 SUN JDK 1.3.0 SUN JDK 1.4.0 SUN JDK 1.5.0 SUN JRE 1.1 SUN JRE 1.2 SUN JRE 1.3.0 SUN JRE 1.4 SUN JRE 1.5.0	10

References

http://secunia.com/advisories/11070/
http://secunia.com/secunia_research/2004-7/advisory/
http://www.kb.cert.org/vuls/id/544392
https://exchange.xforce.ibmcloud.com/vulnerabilities/19285