CVE-2003-1123

Sun Java Runtime Environment <1.4.0.01 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1123. PoCs published by Marc Schoenefeld.

AI-analyzed exploit summary This exploit leverages a vulnerability in the Sun Java Runtime Environment (CVE-2003-1123) to read environment variables by manipulating memory via the Java Media Framework. It demonstrates unauthorized access to sensitive information through a trusted applet.

Description

Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Marc Schoenefeld · javalocalmultiple

https://www.exploit-db.com/exploits/22732

View Code ZIP pw:eip

This exploit leverages a vulnerability in the Sun Java Runtime Environment (CVE-2003-1123) to read environment variables by manipulating memory via the Java Media Framework. It demonstrates unauthorized access to sensitive information through a trusted applet.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Sun Java Runtime Environment (JRE) with Java Media Framework

No auth needed

Prerequisites: Java applet execution environment · Java Media Framework installed

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/7824

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/12189

Patch, Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-55100-1

Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/393292

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/8958

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1006935

Scores

EPSS 0.1109

EPSS Percentile 95.4%

Details

Status published

Products (19)

sun/jdk 1.2.2

sun/jdk 1.2.2_10 (3 CPE variants)

sun/jdk 1.2.2_11 (3 CPE variants)

sun/jdk 1.2.2_12

sun/jdk 1.3

sun/jdk 1.3.0_02 (3 CPE variants)

sun/jdk 1.3.0_05 (3 CPE variants)

sun/jdk 1.3.1_01 (2 CPE variants)

sun/jdk 1.3.1_01a

sun/jdk 1.3.1_03 (3 CPE variants)

... and 9 more

Published Dec 31, 2003

Tracked Since Feb 18, 2026