Vulnerabilities > CVE-2003-1301 - Denial Of Service vulnerability in Sun Java Runtime Environment Nested Array Objects

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

sun

NVD

Published: 2003-12-31

Updated: 2018-10-30

Summary

Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN JRE 1.4.2 SUN JRE 1.4.2_1 SUN JRE 1.4.2_2 SUN JRE 1.4.2_3 SUN JRE 1.4.2_4 SUN JRE 1.4.2_5 SUN JRE 1.4.2_6 SUN JRE 1.4.2_7 SUN JRE 1.4.2_8 SUN JRE 1.4.2_9 SUN JRE 1.4.2_10 SUN JRE 1.5.0	17

References

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4396719
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4944300
http://www.illegalaccess.org/exploit/ObjectStackOverflow.html
http://www.securityfocus.com/archive/1/434705/100/0/threaded
http://www.securityfocus.com/bid/18058