Lucene search

MitreCVE-2004-2627

HistoryDec 04, 2005 - 10:00 p.m.

CVE-2004-2627

2005-12-0422:00:00

mitre

web.nvd.nist.gov

java

j2me

bytecode validation

security vulnerability

arbitrary code execution

cve-2004-2627

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.132

Percentile

95.6%

JSON

Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code.

Affected configurations

Nvd

Node

sunj2meMatchmicro

VendorProductVersionCPE
sunj2memicrocpe:2.3:a:sun:j2me:micro:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	j2me	micro	cpe:2.3:a:sun:j2me:micro:::::::*

References

archives.neohapsis.com/archives/bugtraq/2004-10/0231.html

archives.neohapsis.com/archives/fulldisclosure/2004-10/0884.html

secunia.com/advisories/12945

securitytracker.com/id?1011898

www.osvdb.org/11041

www.theregister.co.uk/2004/10/22/mobile_java_peril/

exchange.xforce.ibmcloud.com/vulnerabilities/17825

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.132

Percentile

95.6%

JSON

Related for CVE-2004-2627