Vulnerabilities > CVE-2004-2540 - Denial-Of-Service vulnerability in SUN JDK and JRE

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

sun

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN JDK 1.4 SUN JDK 1.4.0_01 SUN JDK 1.4.0_02 SUN JDK 1.4.0_03 SUN JDK 1.4.0_4 SUN JDK 1.4.1 SUN JDK 1.4.1_01 SUN JDK 1.4.1_02 SUN JDK 1.4.1_03 SUN JDK 1.4.2 SUN JDK 1.4.2_01 SUN JDK 1.4.2_02 SUN JDK 1.4.2_03 SUN JDK 1.4.2_04 SUN JDK 1.4.2_05 SUN JRE 1.4 SUN JRE 1.4.0_01 SUN JRE 1.4.0_02 SUN JRE 1.4.0_03 SUN JRE 1.4.0_04 SUN JRE 1.4.1 SUN JRE 1.4.1_01 SUN JRE 1.4.1_02 SUN JRE 1.4.1_07 SUN JRE 1.4.2	84

Summary

Vulnerable Configurations

References