vendor:
Java Virtual Machine
by:
Not specified
7.5
CVSS
HIGH
Insecure Temporary File Creation
377
CWE
Product Name: Java Virtual Machine
Affected Version From: Not specified
Affected Version To: Not specified
Patch Exists: NO
Related CWE: Not specified
CPE: a:sun:java_virtual_machine
Platforms Tested: Unix, Linux, and Microsoft platforms
Not specified
Insecure Temporary File Creation in Sun Java Virtual Machine
The Sun Java Virtual Machine is prone to an insecure temporary file creation weakness. The issue is caused by the 'Font.createFont' method creating a temporary file with a predictable name. This vulnerability can be exploited in combination with other vulnerabilities in Internet Explorer to execute arbitrary code on a vulnerable computer.
Mitigation:
It is recommended to apply the latest patches and updates from the vendor to address this vulnerability. Additionally, users should exercise caution when visiting untrusted websites and avoid downloading files from untrusted sources.