Vulnerability Note VU#118558

Sun Java Runtime Environment vulnerable to DoS

Overview

The Sun Java Runtime Environment (JRE ) contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service condition in the Java Virtual Machine (JVM).

I. Description

The Sun Java Runtime Environment provides the libraries and components necessary to run Java-based applications. There is a non-specific vulnerability in the Java Runtime Environment, which could allow an unauthenticated, remote attacker to cause the Java Virtual Machine to become unresponsive.

II. Impact

An unauthenticated, remote attacker could cause a denial-of-service condition.

III. Solution

According to Sun Security Alert 57555, this issue has been addressed in the following releases:

Windows Production Releases

SDK and JRE 1.4.2_04 or later 1.4.2 releases
Solaris Operating Environment Releases
SDK and JRE 1.4.2_04 or later 1.4.2 releases
Linux Production Releases
SDK and JRE 1.4.2_04 or later 1.4.2 releases

Systems Affected

Vendor	Status	Date Notified	Date Updated
Sun Microsystems Inc.	Vulnerable	14-May-2004

References

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57555
http://secunia.com/advisories/11570/
http://java.sun.com/j2se/desktopjava/jre/index.jsp
http://java.sun.com/j2se/

Credit

This vulnerability was reported by Sun Microsystems.

This document was written by Damon Morda.

Other Information

Date Public:	2004-05-06
Date First Published:	2004-05-14
Date Last Updated:	2004-05-21
CERT Advisory:
CVE-ID(s):
NVD-ID(s):
US-CERT Technical Alerts:
Metric:	1.72
Document Revision:	13

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader