Sun Java Runtime Environment vulnerable to DoS

2004-05-14T00:00:00
ID VU:118558
Type cert
Reporter CERT
Modified 2004-05-21T00:00:00

Description

Overview

The Sun Java Runtime Environment (JRE) contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service condition in the Java Virtual Machine (JVM).

Description

The Sun Java Runtime Environment provides the libraries and components necessary to run Java-based applications. There is a non-specific vulnerability in the Java Runtime Environment, which could allow an unauthenticated, remote attacker to cause the Java Virtual Machine to become unresponsive.


Impact

An unauthenticated, remote attacker could cause a denial-of-service condition.


Solution

According to Sun Security Alert 57555, this issue has been addressed in the following releases:

Windows Production Releases

* SDK and JRE 1.4.2_04 or later 1.4.2 releases

Solaris Operating Environment Releases

* SDK and JRE 1.4.2_04 or later 1.4.2 releases

Linux Production Releases

* SDK and JRE 1.4.2_04 or later 1.4.2 releases

Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Sun Microsystems Inc.| | -| 14 May 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57555>
  • <http://secunia.com/advisories/11570/>
  • <http://java.sun.com/j2se/desktopjava/jre/index.jsp>
  • <http://java.sun.com/j2se/>

Credit

This vulnerability was reported by Sun Microsystems .

This document was written by Damon Morda.

Other Information

  • CVE IDs: Unknown
  • Date Public: 06 May 2004
  • Date First Published: 14 May 2004
  • Date Last Updated: 21 May 2004
  • Severity Metric: 1.72
  • Document Revision: 13