Jre@1.4.2 Security Vulnerabilities and Issues — Jre@1.4.2 CVE List

Lucene search

SunJre1.4.2

9 matches found

CVE•added 2005/11/16 7:37 a.m.•62 views

CVE-2004-2540

readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.

5CVSS6.5AI score0.00928EPSS

CVE•added 2005/03/01 5:0 a.m.•60 views

CVE-2004-1029

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using ...

9.3CVSS7.3AI score0.42558EPSS

CVE•added 2005/02/19 5:0 a.m.•51 views

CVE-2004-1503

Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and bec...

5CVSS7.3AI score0.00928EPSS

CVE•added 2005/11/16 7:42 a.m.•46 views

CVE-2005-3583

(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss.

7.8CVSS7.1AI score0.0094EPSS

CVE•added 2005/11/30 11:3 a.m.•42 views

CVE-2005-3905

Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a differen...

7.5CVSS7.3AI score0.11508EPSS

CVE•added 2005/11/30 11:3 a.m.•41 views

CVE-2005-3904

Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors.

7.5CVSS7.4AI score0.10002EPSS

CVE•added 2005/05/10 4:0 a.m.•40 views

CVE-2003-1156

Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program.

4.6CVSS6.8AI score0.00063EPSS

CVE•added 2005/11/30 11:3 a.m.•40 views

CVE-2005-3907

Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors involving untrusted Java applets.

7.5CVSS7.3AI score0.08015EPSS

CVE•added 2005/11/30 11:3 a.m.•39 views

CVE-2005-3906

Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vul...

7.5CVSS7.4AI score0.11508EPSS