[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2011-0311Date: (C)2011-09-02   (M)2018-02-19


The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 3.5
Exploit Score: 6.8
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE_INSTANCE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
IZ89602
IZ89620
PM42551
RHSA-2011:1159
RHSA-2011:1265
SUSE-SA:2011:024
SUSE-SU-2011:0823
ibm-rjt-classfile-dos(65189)

CPE    10
cpe:/a:ibm:java:1.4.2.13.7
cpe:/a:ibm:java:1.4.2.13.8
cpe:/a:ibm:java:1.4.2.13.5
cpe:/a:ibm:java:1.4.2.13.6
...
CWE    1
CWE-119

© SecPod Technologies