Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1572

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2003-1572
Last Modified 02 Jun 2009 12:00:00
Published 01 Jun 2009 06:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-1572

Summary

Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields.

Vulnerable Systems

Application

  • Sun Jmf 2.1.1

  • Sun Jmf 2.1.1a

  • Sun Jmf 2.1.1b

  • Sun Jmf 2.1.1c


References

MISC - http://www.illegalaccess.org/java/jmf.php

SECTRACK - 1006777

BUGTRAQ - 20030625 Privilege escalation applet, Java Media Framework


Last Updated: 27 May 2016 10:38:25