Описание
Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:-:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_21:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_22:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_23:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_23:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03736
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
около 17 лет назад
Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors.
redhat
около 17 лет назад
Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors.
debian
около 17 лет назад
Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ear ...
github
больше 3 лет назад
Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors.
EPSS
Процентиль: 88%
0.03736
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other