Vulnerabilities > CVE-2005-3583 - Remote Denial of Service vulnerability in Sun Java Development Kit Font Serialization

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

sun

NVD

Published: 2005-11-16

Updated: 2016-10-18

Summary

(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN JRE 1.4.2 SUN SDK 1.4.2_08 SUN SDK 1.4.2_09 SUN SDK 1.5.0_05	4

References

http://marc.info/?l=bugtraq&m=113113125121878&w=2
http://secunia.com/advisories/17478/
http://securityreason.com/securityalert/143
http://www.securityfocus.com/bid/15312