3.5
CVE-2011-0311
- EPSS 0.79%
- Published 02.09.2011 23:55:01
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Runtimes For Java Technology Version <= 5.0.12.4
Ibm ≫ Runtimes For Java Technology Version <= 6.0.9.0
Ibm ≫ Runtimes For Java Technology Version5.0.0
Ibm ≫ Runtimes For Java Technology Version5.0.11.0
Ibm ≫ Runtimes For Java Technology Version5.0.11.1
Ibm ≫ Runtimes For Java Technology Version5.0.11.2
Ibm ≫ Runtimes For Java Technology Version5.0.12.0
Ibm ≫ Runtimes For Java Technology Version5.0.12.1
Ibm ≫ Runtimes For Java Technology Version5.0.12.2
Ibm ≫ Runtimes For Java Technology Version5.0.12.3
Ibm ≫ Runtimes For Java Technology Version6.0.0
Ibm ≫ Runtimes For Java Technology Version6.0.1.0
Ibm ≫ Runtimes For Java Technology Version6.0.2.0
Ibm ≫ Runtimes For Java Technology Version6.0.3.0
Ibm ≫ Runtimes For Java Technology Version6.0.4.0
Ibm ≫ Runtimes For Java Technology Version6.0.5.0
Ibm ≫ Runtimes For Java Technology Version6.0.6.0
Ibm ≫ Runtimes For Java Technology Version6.0.7.0
Ibm ≫ Runtimes For Java Technology Version6.0.8.0
Ibm ≫ Runtimes For Java Technology Version6.0.8.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.79% | 0.729 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:N/I:N/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.