CVE-2004-1503JRE vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.9%
top 23.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN JRE
Timeline
PublishedDec 31
Latest updateApr 29

Description

Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDsun/jre1.4.2, 1.5.0+1

🔴Vulnerability Details

2
GHSA
GHSA-vv6f-qp84-87j9: Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 12022-04-29
CVEList
CVE-2004-1503: Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 12005-02-19
CVE-2004-1503 — SUN JRE vulnerability | cvebase