CVE-2005-3583
JRE and SDK 1.4.2_08, 1.4.2_09, 1.5.0_05 - Denial of Service via Crafted Serialized Object
(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss.
References (4)
Core References
Mailing List (mailing-list, x_refsource_bugtraq): http://marc.info/?l=bugtraq&m=113113125121878&w=2
Vendor Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/17478/
Third Party Advisory (third-party-advisory, x_refsource_sreason): http://securityreason.com/securityalert/143
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/15312
Scores
EPSS: 0.0094
EPSS Percentile: 76.5%
Details
Status: published
Products (4)
sun/jre 1.4.2
sun/sdk 1.4.2_08
sun/sdk 1.4.2_09
sun/sdk 1.5.0_05
Published: Nov 16, 2005
Tracked Since: Feb 18, 2026