Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C
Vendors Products
Sun
  • Jmf

Configuration 1 [-]

OR cpe:2.3:a:sun:jmf:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:jmf:2.1.1a:*:*:*:*:*:*:*
cpe:2.3:a:sun:jmf:2.1.1b:*:*:*:*:*:*:*
cpe:2.3:a:sun:jmf:2.1.1c:*:*:*:*:*:*:*
References
Link Resource
http://archive.cert.uni-stuttgart.de/bugtraq/2003/06/msg00219.html
http://securitytracker.com/id?1006777
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F54760
http://www.illegalaccess.org/java/jmf.php
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:15:42

Updated: 2022-10-03T16:15:42

Reserved: 2022-10-03T00:00:00

Link: CVE-2003-1572

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2009-06-01T22:30:00.187

Modified: 2009-06-02T04:00:00.000

Link: CVE-2003-1572

JSON object: View

cve-icon Redhat Information

No data.

CWE