Vulnerabilities > CVE-2004-2627 - Remote Security vulnerability in Java 2 Micro Edition

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

sun

critical

NVD

Published: 2004-12-31

Updated: 2017-07-20

Summary

Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN J2Me Micro	1

References

http://archives.neohapsis.com/archives/bugtraq/2004-10/0231.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0884.html
http://secunia.com/advisories/12945
http://securitytracker.com/id?1011898
http://www.osvdb.org/11041
http://www.theregister.co.uk/2004/10/22/mobile_java_peril/
https://exchange.xforce.ibmcloud.com/vulnerabilities/17825