Lucene search

[email protected]CVE-2004-1029

HistoryMar 01, 2005 - 5:00 a.m.

CVE-2004-1029

2005-03-0105:00:00

CWE-264

[email protected]

web.nvd.nist.gov

sun java

java plugin

jre

cve-2004-1029

remote code execution

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.192 Low

EPSS

Percentile

96.3%

JSON

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.

Affected configurations

NVD

Node

hpjava_sdk-rteMatch1.3hp-ux_pa-risc

hpjava_sdk-rteMatch1.4hp-ux_pa-risc

sunjdkMatch1.3.1_01linux

sunjdkMatch1.3.1_01solaris

sunjdkMatch1.3.1_01awindows

sunjdkMatch1.3.1_02linux

sunjdkMatch1.3.1_02solaris

sunjdkMatch1.3.1_02windows

sunjdkMatch1.3.1_03linux

sunjdkMatch1.3.1_03solaris

sunjdkMatch1.3.1_03windows

sunjdkMatch1.3.1_04windows

sunjdkMatch1.3.1_05linux

sunjdkMatch1.3.1_05solaris

sunjdkMatch1.3.1_05windows

sunjdkMatch1.3.1_06linux

sunjdkMatch1.3.1_06solaris

sunjdkMatch1.3.1_06windows

sunjdkMatch1.3.1_07linux

sunjdkMatch1.3.1_07solaris

sunjdkMatch1.3.1_07windows

sunjdkMatch1.4linux

sunjdkMatch1.4solaris

sunjdkMatch1.4windows

sunjdkMatch1.4.0_01windows

sunjdkMatch1.4.0_02linux

sunjdkMatch1.4.0_02solaris

sunjdkMatch1.4.0_02windows

sunjdkMatch1.4.0_03linux

sunjdkMatch1.4.0_03solaris

sunjdkMatch1.4.0_03windows

sunjdkMatch1.4.0_4linux

sunjdkMatch1.4.0_4solaris

sunjdkMatch1.4.0_4windows

sunjdkMatch1.4.1linux

sunjdkMatch1.4.1solaris

sunjdkMatch1.4.1windows

sunjdkMatch1.4.1_01linux

sunjdkMatch1.4.1_01solaris

sunjdkMatch1.4.1_01windows

sunjdkMatch1.4.1_02linux

sunjdkMatch1.4.1_02solaris

sunjdkMatch1.4.1_02windows

sunjdkMatch1.4.1_03linux

sunjdkMatch1.4.1_03solaris

sunjdkMatch1.4.1_03windows

sunjdkMatch1.4.2linux

sunjdkMatch1.4.2solaris

sunjdkMatch1.4.2windows

sunjdkMatch1.4.2_01linux

sunjdkMatch1.4.2_02linux

sunjdkMatch1.4.2_03linux

sunjdkMatch1.4.2_03solaris

sunjdkMatch1.4.2_03windows

sunjdkMatch1.4.2_04linux

sunjdkMatch1.4.2_04solaris

sunjdkMatch1.4.2_04windows

sunjdkMatch1.4.2_05linux

sunjdkMatch1.4.2_05solaris

sunjdkMatch1.4.2_05windows

sunjreMatch1.3.0linux

sunjreMatch1.3.0solaris

sunjreMatch1.3.0windows

sunjreMatch1.3.0update1linux

sunjreMatch1.3.0update2linux

sunjreMatch1.3.0update2solaris

sunjreMatch1.3.0update2windows

sunjreMatch1.3.0update3linux

sunjreMatch1.3.0update4linux

sunjreMatch1.3.0update4windows

sunjreMatch1.3.0update5linux

sunjreMatch1.3.0update5solaris

sunjreMatch1.3.0update5windows

sunjreMatch1.3.1linux

sunjreMatch1.3.1update1linux

sunjreMatch1.3.1update1solaris

sunjreMatch1.3.1update1windows

sunjreMatch1.3.1update1awindows

sunjreMatch1.3.1update4solaris

sunjreMatch1.3.1update4windows

sunjreMatch1.3.1update8linux

sunjreMatch1.3.1update8solaris

sunjreMatch1.3.1update8windows

sunjreMatch1.3.1_02linux

sunjreMatch1.3.1_02solaris

sunjreMatch1.3.1_02windows

sunjreMatch1.3.1_03linux

sunjreMatch1.3.1_03solaris

sunjreMatch1.3.1_03windows

sunjreMatch1.3.1_05linux

sunjreMatch1.3.1_05solaris

sunjreMatch1.3.1_05windows

sunjreMatch1.3.1_06linux

sunjreMatch1.3.1_06solaris

sunjreMatch1.3.1_06windows

sunjreMatch1.3.1_07linux

sunjreMatch1.3.1_07solaris

sunjreMatch1.3.1_07windows

sunjreMatch1.3.1_09linux

sunjreMatch1.3.1_09solaris

sunjreMatch1.3.1_09windows

sunjreMatch1.4linux

sunjreMatch1.4solaris

sunjreMatch1.4windows

sunjreMatch1.4.0_01solaris

sunjreMatch1.4.0_01windows

sunjreMatch1.4.0_02linux

sunjreMatch1.4.0_02solaris

sunjreMatch1.4.0_02windows

sunjreMatch1.4.0_03linux

sunjreMatch1.4.0_03solaris

sunjreMatch1.4.0_03windows

sunjreMatch1.4.0_04linux

sunjreMatch1.4.0_04solaris

sunjreMatch1.4.0_04windows

sunjreMatch1.4.1linux

sunjreMatch1.4.1solaris

sunjreMatch1.4.1windows

sunjreMatch1.4.1update3linux

sunjreMatch1.4.1update3solaris

sunjreMatch1.4.1update3windows

sunjreMatch1.4.1_01linux

sunjreMatch1.4.1_01solaris

sunjreMatch1.4.1_01windows

sunjreMatch1.4.1_02linux

sunjreMatch1.4.1_02solaris

sunjreMatch1.4.1_02windows

sunjreMatch1.4.1_07windows

sunjreMatch1.4.2linux

sunjreMatch1.4.2solaris

sunjreMatch1.4.2windows

sunjreMatch1.4.2update1linux

sunjreMatch1.4.2update1solaris

sunjreMatch1.4.2update1windows

sunjreMatch1.4.2update2linux

sunjreMatch1.4.2update2solaris

sunjreMatch1.4.2update2windows

sunjreMatch1.4.2update3linux

sunjreMatch1.4.2update3solaris

sunjreMatch1.4.2update3windows

sunjreMatch1.4.2update4linux

sunjreMatch1.4.2update4solaris

sunjreMatch1.4.2update4windows

sunjreMatch1.4.2update5linux

sunjreMatch1.4.2update5solaris

sunjreMatch1.4.2update5windows

symantecenterprise_firewallMatch8.0

symantecenterprise_firewallMatch8.0solaris

symantecenterprise_firewallMatch8.0windows_2000_nt

conectivalinuxMatch10.0

Node

gentoolinux

hphp-uxMatch11.00

hphp-uxMatch11.11

hphp-uxMatch11.22

hphp-uxMatch11.23ia64_64-bit

Node

symantecgateway_security_5400Match2.0

symantecgateway_security_5400Match2.0.1

CPENameOperatorVersion
hp:java_sdk-rtehp java sdk-rteeq1.3
hp:java_sdk-rtehp java sdk-rteeq1.4
sun:jdksun jdkeq1.3.1_01
sun:jdksun jdkeq1.3.1_01a
sun:jdksun jdkeq1.3.1_02
sun:jdksun jdkeq1.3.1_03
sun:jdksun jdkeq1.3.1_04
sun:jdksun jdkeq1.3.1_05
sun:jdksun jdkeq1.3.1_06
sun:jdksun jdkeq1.3.1_07

CPE	Name	Operator	Version
hp:java_sdk-rte	hp java sdk-rte	eq	1.3
hp:java_sdk-rte	hp java sdk-rte	eq	1.4
sun:jdk	sun jdk	eq	1.3.1_01
sun:jdk	sun jdk	eq	1.3.1_01a
sun:jdk	sun jdk	eq	1.3.1_02
sun:jdk	sun jdk	eq	1.3.1_03
sun:jdk	sun jdk	eq	1.3.1_04
sun:jdk	sun jdk	eq	1.3.1_05
sun:jdk	sun jdk	eq	1.3.1_06
sun:jdk	sun jdk	eq	1.3.1_07