CVE-2007-3504

CVE-2007-3504 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file.

Learn more about our Web App Pen Testing.