FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jdk -- jar directory traversal vulnerability

Affected packages
jdk <= 1.2.2p11_3
1.3.* <= jdk <= 1.3.1p9_4
1.4.* <= jdk <= 1.4.2p7
1.5.* <= jdk <= 1.5.0p1_1
linux-ibm-jdk <= 1.4.2_1
linux-sun-jdk <= 1.4.2.08_1
linux-sun-jdk = 1.5.0b1
linux-sun-jdk = 1.5.0b1,1
1.5.0,2 <= linux-sun-jdk <= 1.5.0.02,2
linux-blackdown-jdk <= 1.4.2_2
diablo-jdk <= 1.3.1.0_1
diablo-jdk-freebsd6 <= i386.1.5.0.07.00
0 <= linux-jdk

Details

VuXML ID 18e5428f-ae7c-11d9-837d-000e0c2e438a
Discovery 2005-04-11
Entry 2005-04-16
Modified 2006-09-12

Pluf has discovered a vulnerability in Sun Java JDK/SDK which can potentially be exploited by malicious people to compromise a user's system.

The jar tool does not properly check whether the names of the files to be extracted contain the string "../", so an attacker can craft a malicious jar file that, when extracted, overwrites arbitrary files on the filesystem.
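The check the advisory describes as missing is the one below. This is an added example, not code from the FreeBSD entry or from Sun's jar tool; it is written in Python because a jar is a zip archive and Python's standard zipfile module can read one directly. The function names (is_unsafe_entry, audit_jar, safe_extract, build_sample_jar) and the sample archive are constructed for illustration. It goes slightly beyond the advisory's "../" case by also rejecting absolute paths and drive letters, and by re-checking the resolved path after joining so a symlinked destination directory cannot be used to escape either.

```python
import io
import os
import zipfile


def is_unsafe_entry(name: str) -> bool:
    """True if a jar/zip entry name would land outside the extraction root.

    Rejects absolute paths, drive-letter paths, and any '..' component that
    climbs above the root. 'a/../b' stays inside and is allowed;
    '../b' and 'a/../../b' are not.
    """
    normalized = name.replace("\\", "/")
    if normalized.startswith("/") or (len(normalized) > 1 and normalized[1] == ":"):
        return True
    depth = 0
    for part in normalized.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            depth -= 1
            if depth < 0:
                return True
        else:
            depth += 1
    return False


def audit_jar(jar_bytes: bytes) -> list:
    """Return the entry names in the archive that fail is_unsafe_entry."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        return [n for n in zf.namelist() if is_unsafe_entry(n)]


def safe_extract(jar_bytes: bytes, dest_dir: str) -> list:
    """Extract the archive into dest_dir, refusing the whole archive if any
    entry would escape it. Returns the list of file paths written.

    Two checks are applied per entry: the lexical one above, and a
    realpath/commonpath comparison after joining onto the destination.
    """
    root = os.path.realpath(dest_dir)
    written = []
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        for info in zf.infolist():
            if is_unsafe_entry(info.filename):
                raise ValueError(f"refusing unsafe entry: {info.filename!r}")
            target = os.path.realpath(os.path.join(root, info.filename))
            if os.path.commonpath([root, target]) != root:
                raise ValueError(f"entry escapes root: {info.filename!r}")
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(target)
    return written


def build_sample_jar(entries: dict) -> bytes:
    """Constructed test input: an in-memory zip built from a name -> bytes map."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed samples (not real jars): one clean, one with a traversal entry.
CLEAN_JAR = build_sample_jar({
    "META-INF/MANIFEST.MF": b"Manifest-Version: 1.0\n",
    "com/example/App.class": b"\xca\xfe\xba\xbe",
})
SAMPLE_JAR = build_sample_jar({
    "META-INF/MANIFEST.MF": b"Manifest-Version: 1.0\n",
    "com/example/App.class": b"\xca\xfe\xba\xbe",
    "../../escaped.txt": b"should never be written\n",
})

if __name__ == "__main__":
    print("unsafe entries:", audit_jar(SAMPLE_JAR))
```

audit_jar is the read-only check an operator can run over an untrusted archive before handing it to any extractor; safe_extract is the shape a fixed extractor takes, rejecting the whole archive rather than silently skipping the bad entry, so a partially extracted tree never masks the problem.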

References

CVE Name CVE-2005-1080
Message 200504120226.10559.pluf@7a69ezine.org
URL http://secunia.com/advisories/14902/
URL http://www.securiteam.com/securitynews/5IP0C0AFGW.html