Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 737128 - (CVE-2011-3387) CVE-2011-3387 java-1.4.2-ibm: DoS via class file parser in IBM Java 1.4.2.SR13.FP9
CVE-2011-3387 java-1.4.2-ibm: DoS via class file parser in IBM Java 1.4.2.SR1...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20110629,repor...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-09-09 13:03 EDT by Vincent Danen
Modified: 2011-09-13 08:09 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-09-09 13:06:15 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Vincent Danen 2011-09-09 13:03:44 EDT 
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-3387 to
the following vulnerability:

Name: CVE-2011-3387
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3387
Assigned:
Reference: AIXAPAR:PM42551
Reference: https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551

The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote
authenticated users to cause a denial of service (memory consumption
or an infinite loop) via a crafted attribute length field in a class
file, related to validation of a length field at the wrong time, a
different vulnerability than CVE-2011-0311.
Comment 1 Vincent Danen 2011-09-09 13:06:15 EDT 
This flaw only affected FP9 and is fixed in FP10, which was made available via:

https://rhn.redhat.com/errata/RHSA-2011-1159.html
https://rhn.redhat.com/errata/RHSA-2011-1265.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.