Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-1029

CWE-264 | 4 documents | 4 sources
Severity: 9.3 CRITICAL
EPSS: 37.0% (top 2.84%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Mar 1 | Latest update Apr 29

Description

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.

CVSS vector

AV:N/AC:M/C:C/I:C/A:C
Exploitability: 8.6 | Impact: 10.0

Affected Packages (7 packages)

NVD | hp/java_sdk-rte | 1.3, 1.4 (+1)
NVD | sun/jdk | 23 versions (+22)
NVD | sun/jre | 18 versions (+17)
NVD | hp/hp-ux | 4 versions (+3)
NVD | conectiva/linux | 10.0

Patches

🔴 Vulnerability Details (2)

GHSA | GHSA-fx66-7j9p-32m3: The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1 | 2022-04-29
CVEList | CVE-2004-1029: The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1 | 2004-11-24

💥 Exploits & PoCs (1)

Exploit-DB | Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass | 2004-11-22