CVE-2004-2764JRE vulnerability

CWE-2643 documents3 sources
Severity
10.0CRITICALNVD
EPSS
1.0%
top 22.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN JRESUN SDK
Timeline
PublishedJun 2
Latest updateApr 29

Description

Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDsun/jre34 versions+33
NVDsun/sdk18 versions+17

🔴Vulnerability Details

2
GHSA
GHSA-3hm7-25rv-3whx: Sun SDK and Java Runtime Environment (JRE) 12022-04-29
CVEList
CVE-2004-2764: Sun SDK and Java Runtime Environment (JRE) 12009-06-02
CVE-2004-2764 — SUN JRE vulnerability | cvebase