CVE-2003-1572

Sun Java Media Framework 2.1.1-2.1.1c - Denial of Service and Memory Access via ReadEnv Class

Title source: llm
STIX 2.1

Description

Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields.

References (4)

Core 4
Core References
Various Sources mailing-list x_refsource_bugtraq
http://archive.cert.uni-stuttgart.de/bugtraq/2003/06/msg00219.html
Various Sources x_refsource_misc
http://www.illegalaccess.org/java/jmf.php
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F54760
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1006777

Scores

EPSS 0.0040
EPSS Percentile 60.9%

Details

Status published
Products (4)
sun/jmf 2.1.1
sun/jmf 2.1.1a
sun/jmf 2.1.1b
sun/jmf 2.1.1c
Published Jun 01, 2009
Tracked Since Feb 18, 2026