Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3905

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3905
Last Modified 07 Mar 2011 12:00:00
Published 30 Nov 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3905

Summary

Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a different vulnerability than CVE-2005-3906. NOTE: this is associated with the "first issue" identified in SUNALERT:102003.

Vulnerable Systems

Application

  • Sun Jdk 1.3

  • Sun Jdk 1.3 02

  • Sun Jdk 1.3 05

  • Sun Jdk 1.3.0 02

  • Sun Jdk 1.3.0 05

  • Sun Jdk 1.3.1 01

  • Sun Jdk 1.3.1 01a

  • Sun Jdk 1.3.1 02

  • Sun Jdk 1.3.1 03

  • Sun Jdk 1.3.1 04

  • Sun Jdk 1.3.1 05

  • Sun Jdk 1.3.1 06

  • Sun Jdk 1.3.1 07

  • Sun Jdk 1.3.1 08

  • Sun Jdk 1.3.1 09

  • Sun Jdk 1.3.1 10

  • Sun Jdk 1.3.1 11

  • Sun Jdk 1.3.1 12

  • Sun Jdk 1.3.1 13

  • Sun Jdk 1.3.1 14

  • Sun Jdk 1.3.1 15

  • Sun Jdk 1.4

  • Sun Jdk 1.4.0 01

  • Sun Jdk 1.4.0 02

  • Sun Jdk 1.4.0 03

  • Sun Jdk 1.4.0 4

  • Sun Jdk 1.4.1

  • Sun Jdk 1.4.1 01

  • Sun Jdk 1.4.1 02

  • Sun Jdk 1.4.1 03

  • Sun Jdk 1.4.2

  • Sun Jdk 1.4.2 01

  • Sun Jdk 1.4.2 02

  • Sun Jdk 1.4.2 03

  • Sun Jdk 1.4.2 04

  • Sun Jdk 1.4.2 05

  • Sun Jdk 1.4.2 08

  • Sun Jdk 1.5.0 03

  • Sun Jre 1.3.0

  • Sun Jre 1.3.1

  • Sun Jre 1.4.1

  • Sun Jre 1.4.2

  • Sun Jre 1.5.0


References

CERT-VN - VU#974188

SUNALERT - 102003

SECUNIA - 17748

XF - sun-reflection-api-elevate-privileges(23251)

VUPEN - ADV-2005-2946

VUPEN - ADV-2005-2675

VUPEN - ADV-2005-2636

BID - 15615

GENTOO - GLSA-200601-10

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21225628

SECTRACK - 1015280

SECUNIA - 18503

SECUNIA - 18435

SECUNIA - 18092

SECUNIA - 17847

APPLE - APPLE-SA-2005-11-30


Last Updated: 27 May 2016 10:41:06