Description
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.
References
- MISChttp://rhn.redhat.com/errata/RHSA-2015-0857.html
- MISChttp://rhn.redhat.com/errata/RHSA-2015-1007.html
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=594497
- MISChttp://rhn.redhat.com/errata/RHSA-2015-0806.html
- MISChttp://rhn.redhat.com/errata/RHSA-2015-1006.html
- MAILING_LISThttp://marc.info/?l=oss-security&m=127602564508766&w=2
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=601823
- VENDOR_ADVISORYhttp://advisories.mageia.org/MGASA-2015-0158.html
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:212
- MAILING_LISThttp://marc.info/?l=bugtraq&m=111331593310508&w=2
- MISChttp://rhn.redhat.com/errata/RHSA-2015-1091.html
- MAILING_LISThttp://marc.info/?l=oss-security&m=127603032617644&w=2
- VENDOR_ADVISORYhttp://secunia.com/advisories/14902
- MISChttp://rhn.redhat.com/errata/RHSA-2015-1020.html
- MISChttp://rhn.redhat.com/errata/RHSA-2015-0807.html
- MISChttp://rhn.redhat.com/errata/RHSA-2015-0858.html
- MISChttp://rhn.redhat.com/errata/RHSA-2015-1021.html
- MISChttp://rhn.redhat.com/errata/RHSA-2015-0808.html
- MISChttp://rhn.redhat.com/errata/RHSA-2015-0809.html
- MISChttp://www.securityfocus.com/bid/13083
- MISChttp://rhn.redhat.com/errata/RHSA-2015-0854.html
- MISChttp://www.securiteam.com/securitynews/5IP0C0AFGW.html