OpenJDK CVE-2015-3149 Insecure Temporary File Handling Vulnerability

OpenJDK is prone to an insecure temporary file-handling vulnerability.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Note: This issue is the result of the regression of the issue described in BID 72155 (Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability).


 

Privacy Statement
Copyright 2010, SecurityFocus