[Forgot Password]
Login  Register Subscribe

23631

 
 

119105

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-3387

Date: (C)2011-09-02   (M)2017-08-29 


The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311.

CVSS Score: 4.0Access Vector: NETWORK
Exploit Score: 8.0Access Complexity: LOW
Impact Score: 2.9Authentication: SINGLE_INSTANCE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL





Reference:
PM42551
RHSA-2011:1265
ibm-java-class-file-dos(69641)

CPE    1
cpe:/a:ibm:java:1.4.2.13.9
CWE    1
CWE-20

© 2013 SecPod Technologies