Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2003-1301

Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses.

Published

2003-12-31T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application sun jre 1.4.2 Yes
Application sun jre 1.4.2_1 Yes
Application sun jre 1.4.2_2 Yes
Application sun jre 1.4.2_3 Yes
Application sun jre 1.4.2_4 Yes
Application sun jre 1.4.2_5 Yes
Application sun jre 1.4.2_6 Yes
Application sun jre 1.4.2_7 Yes
Application sun jre 1.4.2_8 Yes
Application sun jre 1.4.2_9 Yes
Application sun jre 1.4.2_10 Yes
Application sun jre 1.5.0 Yes
Application sun jre 1.5.0 Yes
Application sun jre 1.5.0 Yes
Application sun jre 1.5.0 Yes
Application sun jre 1.5.0 Yes
Application sun jre 1.5.0 Yes
References