X

The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 244986 The Java Runtime Environment Creates Temporary Files That Have "Guessable" File Names

Guest Author
Product: Sun Java Standard Edition (Java SE)

The Java Runtime Environment creates temporary files with insufficiently random names. This may be leveraged to write JAR files which may then be loaded as untrusted applets and Java Web Start applications to access and provide services from localhost and hence steal cookies.

State: Resolved
First released: 03-Dec-2008

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.