The host is installed with Oracle Java JDK and JRE 6 before Update 7, 5.0 Update 16 or earlier or 1.4.x before 1.4.2_18 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to handle the writeManifest method in the CacheEntry class. Successful exploitation could allow attackers to create arbitrary files via the writeManifest method in the CacheEntry ...