CVSS: 5.0EPSS: 34%CPEs: 2EXPL: 0CVE-2004-1503
https://notcve.org/view.php?id=CVE-2004-1503
Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative. • http://marc.info/?l=bugtraq&m=109994063331773&w=2 http://secunia.com/advisories/13142 http://www.securityfocus.com/bid/11619 https://exchange.xforce.ibmcloud.com/vulnerabilities/17990 •
CVSS: 9.3EPSS: 19%CPEs: 157EXPL: 1CVE-2004-1029 – Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass
https://notcve.org/view.php?id=CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. • https://www.exploit-db.com/exploits/24763 http://jouko.iki.fi/adv/javaplugin.html http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html http://secunia.com/advisories/13271 http://secunia.com/advisories/29035 http://securityreason.com/securityalert/61 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1 http://sunsolve.sun.co • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0CVE-2004-0651
https://notcve.org/view.php?id=CVE-2004-0651
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). Vulnerabilidad desconocida en Sun Java Runtime Environment (JRE) 1.4.2 a 1.4.2_03 permite a atacantes remotos causar una denegación de servicio (cuelgue de la máquina virtual). • http://marc.info/?l=bugtraq&m=108559041910233&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57555 http://www.kb.cert.org/vuls/id/118558 http://www.securityfocus.com/advisories/6773 http://www.securityfocus.com/bid/10301 https://exchange.xforce.ibmcloud.com/vulnerabilities/16085 •
CVSS: 5.0EPSS: 6%CPEs: 17EXPL: 1CVE-2003-1301
https://notcve.org/view.php?id=CVE-2003-1301
Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses. • http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4396719 http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4944300 http://www.illegalaccess.org/exploit/ObjectStackOverflow.html http://www.securityfocus.com/archive/1/434705/100/0/threaded http://www.securityfocus.com/bid/18058 •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 1CVE-2003-1156
https://notcve.org/view.php?id=CVE-2003-1156
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. • http://www.securityfocus.com/archive/1/343038 http://www.securityfocus.com/bid/8937 https://exchange.xforce.ibmcloud.com/vulnerabilities/13570 •