CVE-2005-3583 — JRE vulnerability

3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.9%

top 23.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN JRE SUN SDK

Timeline

PublishedNov 16

Latest updateMay 1

Description

(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDsun/jre1.4.2

▶NVDsun/sdk1.4.2_08, 1.4.2_09, 1.5.0_05+2

🔴Vulnerability Details

GHSA

GHSA-pqxx-c8rf-4j52: (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1↗2022-05-01

▶

CVEList

CVE-2005-3583: (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1↗2005-11-16

▶