Sun Java Web Start PersistenceService Application Traversal Arbitrary File Overwrite (102957)
High Nessus Plugin ID 25627
SynopsisThe remote Windows host has an application that is affected by a privilege escalation vulnerability.
DescriptionAccording to its version number, the Sun Java Runtime Environment (JRE) installed on the remote host reportedly may allow an untrusted application to elevate its privileges by first granting itself permission to overwrite any file that is writable by the user running the application.
SolutionUpdate to Sun Java 2 JDK and JRE 5.0 Update 12 / SDK and JRE 1.4.2_14 / SDK or later and remove, if necessary, any affected versions.