[原文]Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names.
Sun Java Plugin 8.3 Name Predictable File Location Weakness
Remote / Network Access
Loss of Integrity
Sun Java Plugin contains a flaw that may allow a malicious user to write arbitrary content. The issue is triggered when the plugin creates temporary files with predictable names in a predictable location for a class which may be referenced by the 8.3 file schema occurs. It is possible that the flaw may allow the writing of arbitrary content to the files resulting in a loss of integrity.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): changing the default temporary internet files directory.