CVE-2008-3112

Publication date 9 July 2008

Last updated 24 July 2024


Ubuntu priority

Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
sun-java5 9.10 karmic Not in release
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 1.5.0-22-0ubuntu0.8.04
7.10 gutsy Ignored end of life, was needs-triage
7.04 feisty Ignored end of life, was needs-triage
6.06 LTS dapper Ignored end of life
sun-java6 9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 6-17-0ubuntu1.8.04
7.10 gutsy Ignored end of life, was needs-triage
7.04 feisty Ignored end of life, was needs-triage
6.06 LTS dapper Not in release