|Date: (C)2011-09-02 (M)2017-08-29|
|CVSS Score: 4.0||Access Vector: NETWORK|
|Exploitability Subscore: 8.0||Access Complexity: LOW|
|Impact Subscore: 2.9||Authentication: SINGLE_INSTANCE|
| ||Confidentiality: NONE|
| ||Integrity: NONE|
| ||Availability: PARTIAL|
The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311.