[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-0311

Date: (C)2011-09-02   (M)2017-08-18 


The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read.

CVSS Score: 3.5Access Vector: NETWORK
Exploit Score: 6.8Access Complexity: MEDIUM
Impact Score: 2.9Authentication: SINGLE_INSTANCE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL





Reference:
IZ89602
IZ89620
PM42551
RHSA-2011:1159
RHSA-2011:1265
SUSE-SA:2011:024
SUSE-SU-2011:0823
ibm-rjt-classfile-dos(65189)

CPE    10
cpe:/a:ibm:java:1.4.2.13.7
cpe:/a:ibm:java:1.4.2.13.8
cpe:/a:ibm:java:1.4.2.13.5
cpe:/a:ibm:java:1.4.2.13.6
...
CWE    1
CWE-119

© 2013 SecPod Technologies