CVE-2004-1029

JDK 1.4.2_01 and 1.4.2_04 - Remote Code Execution via Java Plugin Reflection API

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1029. PoCs published by Jouko Pynnonen.

AI-analyzed exploit summary The provided code is a JavaScript snippet demonstrating a vulnerability in the Sun Java Plug-in where JavaScript can load a Java class and pass it to an applet. This is a proof-of-concept for an access control bypass rather than a full exploit.

Description

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Jouko Pynnonen · textdosmultiple

https://www.exploit-db.com/exploits/24763

View Code ZIP pw:eip

The provided code is a JavaScript snippet demonstrating a vulnerability in the Sun Java Plug-in where JavaScript can load a Java class and pass it to an applet. This is a proof-of-concept for an access control bypass rather than a full exploit.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Theoretical

Target: Sun Java Plug-in (versions affected by CVE-2004-1029)

No auth needed

Prerequisites: A web browser with the vulnerable Sun Java Plug-in installed · A malicious website hosting the JavaScript code

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (15)

Core 15

Core References

Various Sources third-party-advisory x_refsource_idefense

http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities

Various Sources x_refsource_misc

http://jouko.iki.fi/adv/javaplugin.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674

Mailing List vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html

Various Sources x_refsource_confirm

http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/13271

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/29035

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/61

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/12317

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/0599

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/18188

Patch, Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/760344

Various Sources x_refsource_confirm

http://www-1.ibm.com/support/docview.wss?uid=swg21257249

Patch, Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1

Scores

EPSS 0.1702

EPSS Percentile 96.7%

Details

CWE

CWE-264

Status published

Products (25)

conectiva/linux 10.0

gentoo/linux

hp/hp-ux 11.00

hp/hp-ux 11.11

hp/hp-ux 11.22

hp/hp-ux 11.23

hp/java_sdk-rte 1.3

hp/java_sdk-rte 1.4

sun/jdk 1.3.1_01 (2 CPE variants)

sun/jdk 1.3.1_01a

... and 15 more

Published Mar 01, 2005

Tracked Since Feb 18, 2026