Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sdk | Sun | 1.4.2 (including) | 1.4.2 (including) |
Sdk | Sun | 1.5 (including) | 1.5 (including) |