Lucene search

[email protected]CVE-2005-3583

HistoryNov 16, 2005 - 7:42 a.m.

CVE-2005-3583

2005-11-1607:42:00

[email protected]

web.nvd.nist.gov

cve-2005-3583

java runtime environment

sdk

denial of service

serialized object

jboss

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.1 High

AI Score

Confidence

High

0.278 Low

EPSS

Percentile

96.8%

JSON

(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss.

Affected configurations

NVD

Node

sunjreMatch1.4.2

sunsdkMatch1.4.2_08

sunsdkMatch1.4.2_09

sunsdkMatch1.5.0_05

CPENameOperatorVersion
sun:jresun jreeq1.4.2
sun:sdksun sdkeq1.4.2_08
sun:sdksun sdkeq1.4.2_09
sun:sdksun sdkeq1.5.0_05

CPE	Name	Operator	Version
sun:jre	sun jre	eq	1.4.2
sun:sdk	sun sdk	eq	1.4.2_08
sun:sdk	sun sdk	eq	1.4.2_09
sun:sdk	sun sdk	eq	1.5.0_05

References

marc.info/?l=bugtraq&m=113113125121878&w=2

secunia.com/advisories/17478/

securityreason.com/securityalert/143

www.securityfocus.com/bid/15312

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.1 High

AI Score

Confidence

High

0.278 Low

EPSS

Percentile

96.8%

JSON

Related for CVE-2005-3583

cvelist1 nvd1